|
Question |
How do you use keytool to add CA certs into trust
store? |
|
|
|
Cause |
"iKeyman"
is a graphical user interface of the key management utility. If you have
issues using the graphical user interface, use keytool. |
|
|
Answer |
See the WebSphere® Application Servier Information center
topic Managing
digital certificates for additional infomation on managing digital
certificates using iKeyman and keytool.
Sample 1 using keytool: (Keytool will prompt for TrustStore
password.)
C:\WebSphere51x\DeploymentManager\java\jre\bin>keytool -import -alias
<Display Name Of CA > -file <location of the CA cert Ex:
c:\dummycert.arm> -keystore <Location of Trust store Ex:
C:\WebSphere51x\DeploymentManager\java\jre\lib\security\cacerts>
Enter keystore password: secret
Owner: CN=jserver, OU=SWG, O=IBM, C=US
Issuer: CN=jserver, OU=SWG, O=IBM, C=US
Serial number: 3d1387b2
Valid from: 6/21/02 4:08 PM until: 3/17/05 3:08 PM
Certificate fingerprints:
MD5:
2D:41:4E:6A:2E:1C:51:DE:3C:58:9B:C8:44:73:E1:7A
SHA1:
7D:F7:9C:9C:A0:0D:70:14:EA:78:6A:F1:35:7E:84:7B:81:72:D7:4F
Trust this certificate? [no]: yes
Certificate was added to keystore
Sample 2 using keytool:
C:\WebSphere51x\DeploymentManager\java\jre\bin>keytool -import -alias
"MyNew CA" -file c:\bccert.arm -keystore
C:\WebSphere51x\DeploymentManager\etc\DummyServerTrustFile.jks
Enter keystore password: secret
Owner: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore,
C=IE
Issuer: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore,
C=IE
Serial number: 20000b9
Valid from: 5/12/00 2:46 PM until: 5/12/25 7:59 PM
Certificate fingerprints:
MD5:
AC:B6:94:A5:9C:17:E0:D7:91:52:9B:B1:97:06:A6:E4
SHA1:
D4:DE:20:D0:5E:66:FC:53:FE:1A:50:88:2C:78:DB:28:52:CA:E4:74
Trust this certificate? [no]: yes
Certificate was added to keystore |
|
|
|
|
Cross Reference information |
Segment |
Product |
Component |
Platform |
Version |
Edition |
Application Servers |
Runtimes for Java Technology |
Java SDK |
|
|
|
|
|
|