keytool

I'm using openssl to create self-signed certs. I'm getting this error with the certs I generated: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present Does anyone know how to specify "Subject alternative name" while creating a cert? This is how I'm generating a keystore: sudo $JAVA_HOME/bin/keytool -genkey -dname "CN=192.168.x.xxx, OU=I, O=I, L=T, ST=On, C=CA" -alias tomcat -validity 3650 -keyalg RSA -keystore /root/.keystore -keypass abcd -storepass abcd To generate a key: openssl s_client -connect 192.168.x.xxx:8443 2>/dev/null

I am trying to import a certificate and a key file into the keystore but I'm unable to do that. How can I create a keystore by importing both an existing certificate (abc.crt) and abc.key files? The easiest is probably to create a PKCS#12 file using OpenSSL: openssl pkcs12 -export -in abc.crt -inkey abc.key -out abc.p12 You should be able to use the resulting file directly using the PKCS12 keystore type. If you really need to, you can convert it to JKS using keytool -importkeystore (available in keytool from Java 6): keytool -importkeystore -srckeystore abc.p12 \ -srcstoretype PKCS12 \

I can't figure out how to get the Key Hash required to use the Facebook Android SDK. I figured out that I can use keytool with these commands: keytool -exportcert -alias [alias] -keystore [keystore] | openssl sha1 -binary | openssl enc -a -e The only problem is that I have no idea where to insert this, I tried through command windows (win7) and I tried opening the file keytool.exe. Pradyumna Swain Download and install OpenSSL from http://slproweb.com/products/Win32OpenSSL.html based on windows 32 or 64 bit.(Note: Download and install first visual C++ 208 redisributable from that site also )

I have an Apache Tomcat 6.x server running with a self-signed SSL certificate. I want the client to present their own certificate to the server so I can authenticate them based on a database of users. I have it all working based on an example I found online, but the example came with canned certificates and a pre-build JKS datastore. I want to create my own datastore with my own certs but am having no luck. How do I create a datastore for Tomcat? How do I create a self-signed certificate for Tomcat? How do I create a self-signed certificate for the client? How do I force Tomcat to trust the

I need to import a certificate into my JVM keystore. I am using the following: keytool -import -alias daldap -file somecert.cer so I would need to probably change my call into something like: keytool -import -alias daldap -file somecert.cer -keystore cacerts –storepass changeit Your keystore will be in your JAVA_HOME---> JRE -->lib---> security--> cacerts . You need to check where your JAVA_HOME is configured, possibly one of these places, Computer--->Advanced --> Environment variables---> JAVA_HOME Your server startup batch files. In your import command -keystore cacerts (give full path to

I need to sign Android application ( .apk ). I have .pfx file. I converted it to .cer file via Internet Explorer and then converted .cer to .keystore using keytool. Then I've tried to sign .apk with jarsigner but it says that .keystore doesn't content a private key. What I'm doing wrong? Using JDK 1.6 or later It has been pointed out by Justin in the comments below that keytool alone is capable of doing this using the following command (although only in JDK 1.6 and later): keytool -importkeystore -srckeystore mypfxfile.pfx -srcstoretype pkcs12 -destkeystore clientcert.jks -deststoretype JKS