how to import certificate from the server and generate jks for it?
Question
Some outer service which I use change http to https, and now I can't receive responses to my requests from it. So, I want to configure SSLSettings for my http requests. And as I understand I should "convert" public certificate from outer service (site) to jks file, to use in SSLSettings. When I request to outer service, I receive an exception:
Caused by: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
I'm novice in ssl. With command:
openssl s_client -connect some.host:443 | openssl x509 -pubkey -noout
I receive the answer:
depth=3 C = US, O = "The Go Daddy Group, Inc.", OU = Go Daddy Class 2 Certification Authority
verify error:num=19:self signed certificate in certificate chain
verify return:0
-----BEGIN PUBLIC KEY-----
//.....
-----END PUBLIC KEY-----
I don't really understand, in what format I receive this public key and what should I do next to create jks file? And I don't really understand, Am I in the right direction?
2 answers
solution1
0 2016-02-24 10:58:52
With keytool you can generate your keystore (.jks file ). you should use a command like :
keytool -keystore clientkeystore -genkey -alias client
for more detailed instructions check this url:
https://docs.oracle.com/cd/E19509-01/820-3503/6nf1il6er/index.html
solution2
0 2016-02-24 12:13:12
Not sure if i am getting your question right but to generate a keystore you can use the below comand
keytool -genkeypair -keysize 2048 -keyalg RSA -alias testalias -keystore /test.keystore -ext SAN=dns:localhost,ip:xxx.xxx.xxx.xxx
and later extract the public key from it
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.