Hi Steven
Here is a script for creating a self signed cert. Jetty can use
this keystore for https access.
#! /bin/sh
// create a key store with private key
keytool -genkey -alias server -keystore /var/keysserver/cokeys
-storepass storepassword# -keypass keypassword@ -dname "CN=cocoon.org,
OU=Security Provider, O=Apache,L=Virginia Beach, S=Virginia, C=US"
-validity 3600 -v
// generate a self signed sertificate
keytool -selfcert -alias servercert -keystore /var/keysserver/cokeys
-alias server -storepass storepassword# -keypass keypassword@ -dname
"CN=test.cocoon.org,OU=Web Services,O=Apache,L=Virginia
Beach,S=Virginia, c=US" -validity 3600 -v
Here is a script for generating a request for signing
echo "keytool -genkey"
keytool -genkey -alias cocoonkey -keyalg RSA -keystore
/var/cocoon/certs/cokeys -storepass storepass# -keypass keypass@ -dname
"CN=apache.cocoon.org, OU=PMC, O=Cocoon development, L=Suffolk,
S=Virginia, C=US" -validity 3600 -v
echo "keytool certreq"
keytool -certreq -sigalg MD5withRSA -alias cocoonkey -file
/var/cocoon/certs/cocoonreq.csr -keystore /var/cocoon/certs/cokeys
-storepass storepass# -keypass keypass@
Hva the file in /var/cocoon/certs.cocoonreq.csr signed
by an authority then import it:
echo "keytool ...import cert"
keytool -import -v -alias cocoonkey -file
/var/cocoon/certs/cocooncrt.crt -keypass keypass@ -keystore
/var/cocoon/certs/cokeys -storepass storepass# -trustcacerts
Hope this helps and is not too late.
Steven Noels wrote:
Hi folks,
I'm trying to use a https source in a simple pipeline, but Java doesn't
like the server certificate on the originating side. With the help of
openssl, I managed to save a local copy of the certificate, but now I
need to add it to my local set of certificates.
Despite gazillion of web pages, I haven't quite found out how and why
(the 'how' would be enough to start with).
Has anyone experience with adding certificates to the Java security
machinery?
Thanks,
</Steven>