Search This Blog

Lets go..


Securing soap web service with Spring-WS using Wss4jSecurityInterceptor (Part-1)

Author: Md Mahfuj Jia

Create Client/Server Keystores using Java Keytool

Run the following commands::

keytool -genkey -alias server -keyalg RSA -keystore server.jks
keytool -genkey -alias client -keyalg RSA -keystore client.jks
keytool -list -v -keystore server.jks -storepass server_public_keypass
keytool -export -file server.cert -keystore server.jks -storepass server_public_keypass -alias server
keytool -export -file client.cert -keystore client.jks -storepass client_public_keypass -alias client
keytool -import -file client.cert -keystore server.jks -storepass server_public_keypass -alias client
keytool -import -file server.cert -keystore client.jks -storepass client_public_keypass -alias server

Java keytool stores the keys and certificates in a keystore, protected by a keystore password. Further, it protects private key again with another password. A Java keystore contains private-public key pair and multiple trusted certificate entries. All entries in a keystore are referred by aliases. Both private key and self signed public key is referred by one alias while any other trusted certificates are referred by different individual aliases.

This is the first part of this tutorial. In second part we discuss about Spring web service server side security configuration and in 3rd part we make a secure client using spring web service client to consume this secure service.

These are some screen shots::


  1. Digant Shah [From] Iowa,USA
    Very well explained. Thank you very much.

  2. Owww amazing explanation bro. it´s help me a lot, thanks you so much.

  3. Thanks for your tutorial. Waiting for next tut.


Thanks for your opinion