Chapter 4 | Section 4.2 |
Operating SSL | KeyStores and TrustStores |
signing request (CSR). The CA is therefore trusted by the
Note: It is recommended to use the default KeyStore <c:\JavaCAPS>\logicalhost\is\domains\<MyDomain>\config\k eystore.jks where <c:\JavaCAPS> is the directory where the Sun Java Composite Application Platform Suite is installed and <MyDomain> is the name of your domain.
To generate a KeyStore
Use the following command:
keytool
You are prompted for several pieces of information required to generate a CSR. A sample key generation section follows:
Enter keystore password: seebyond What is your first and last name? [Unknown]: development.seebeyond.com
What is the name of your organizational unit? [Unknown]: Development
what is the name of your organization? [Unknown]: SeeBeyond
What is the name of your City of Locality? [Unknown]: Monrovia
What is the name of your State or Province? [Unknown]: California
What is the
Is<CN=Foo Bar, OU=Development, O=SeeBeyond, L=Monrovia, ST=California, C=US> correct?
[no]: yes
Enter key password for <client>
(RETURN if same as keystore password):
If the KeyStore password is specified, then the password must be provided for the eWay. Press RETURN when prompted for the key password (this action makes the key password the same as the KeyStore password).
This operation creates a KeyStore file clientkeystore in the current working directory. You must specify a
There are CAs that do not require the fully qualified domain, but it is recommended to use the
This KeyStore contains an entry with an alias of client. This entry consists of the Generated private key and information needed for generating a CSR as follows:
keytool
HTTPS eWay Adapter User’s Guide | 30 | Sun Microsystems, Inc. |
