HomeBlogsKamal Wickramanayake's blog

jkscertgen : Generate a full set of CA, service and client keys and certificates in Java keystores

June 18, 2008 - 23:03 — Kamal Wickramanayake

You are into Java security. In one command execution (with no questions asked), if you want to

  1. Generate four jks keystores (CA, service, client1, client2) and possibly more
  2. Self sign CA certificate with proper certificate extensions
  3. CA certify service, client1, client2 certificates with proper certificate extensions (AKI, SKI)
  4. Add service certificate to client1, client2 keystores
  5. Optionally, add client1 and client2 certificates to service

Download jkscertgen

And execute like this

  1. Create a new directory, copy the shell script to it
  2. Make sure the script is executable (one time)
    $ chmod +x jkscertgen.sh
  3. Run the script
    $ ./jkscertgen.sh

The script can help you learn the steps required to follow to do the above as well. You are free to modify or distribute this work. Look at the script itself for directions.

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.