You are into Java security. You want to generate some X.509 certificates to test your application (or use in your production environment). Here's a simple X.509 certificate generator script that makes your life very simple. Download and execute, it will do all the following and you get the keys and signed certificates.
- Generate four jks keystores (CA, service, client1, client2) and possibly more
- Self sign CA certificate with proper certificate extensions
- CA certify service, client1, client2 certificates with proper certificate extensions (AKI, SKI)
- Add service certificate to client1, client2 keystores
- Optionally, add client1 and client2 certificates to service
Download the script: jkscertgen.zip
Download a sample collection of public/private keys and certificates: http://www.swview.org/blog/sample-x509-certificate-collection-publicprivate-keys-java
Execute like this:
- Create a new directory, copy the shell script to it
- Make sure the script is executable (one time)
$ chmod +x jkscertgen.sh
- Run the script
The script can help you learn the steps required to follow to do the above as well. You are free to modify or distribute this work. Look at the script itself for directions.