Author: Md Mahfuj Jia
Create Client/Server Keystores using Java Keytool
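Run the following commands. The two -genkey commands prompt for the keystore password; the later commands assume that server_public_keypass and client_public_keypass were entered at those prompts: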
keytool -genkey -alias server -keyalg RSA -keystore server.jks
keytool -genkey -alias client -keyalg RSA -keystore client.jks
keytool -list -v -keystore server.jks -storepass server_public_keypass
keytool -export -file server.cert -keystore server.jks -storepass server_public_keypass -alias server
keytool -export -file client.cert -keystore client.jks -storepass client_public_keypass -alias client
keytool -import -file client.cert -keystore server.jks -storepass server_public_keypass -alias client
keytool -import -file server.cert -keystore client.jks -storepass client_public_keypass -alias server
Java keytool stores keys and certificates in a keystore, which is protected by a keystore password. It additionally protects the private key with a second password. A Java keystore contains a private-public key pair and multiple trusted certificate entries. All entries in a keystore are referenced by aliases. The private key and its self-signed public key certificate share one alias, while every other trusted certificate is referenced by its own alias.
This is the first part of this tutorial. The second part discusses Spring web service server-side security configuration, and the third part builds a secure client with the Spring web service client to consume this secure service.
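The exchange above as a non-interactive script that then verifies the result: each keystore must hold its own PrivateKeyEntry plus the peer's trustedCertEntry, and the imported certificate must be identical to the one the peer holds. This is an added example, not code from the original tutorial; the -dname values, key size, validity, -noprompt and the function names are assumptions, while the aliases, file names and passwords are the ones used above.

```shell
#!/bin/sh
# Added example: scripted form of the exchange, then a check of the result.
# CN values, key size, validity and function names are constructed for this sketch.
# Passing -storepass on the command line exposes it to local process listings.
KT="keytool -J-Duser.language=en"   # force English output for parsing

make_store() {    # make_store <dir> <alias> <password>: key pair + exported cert
    $KT -genkeypair -alias "$2" -keyalg RSA -keysize 2048 -validity 365 \
        -dname "CN=$2.example.test" -keystore "$1/$2.jks" \
        -storepass "$3" -keypass "$3" >/dev/null 2>&1 &&
    $KT -exportcert -rfc -alias "$2" -file "$1/$2.cert" \
        -keystore "$1/$2.jks" -storepass "$3" >/dev/null 2>&1
}

trust_peer() {    # trust_peer <dir> <own alias> <password> <peer alias>
    # -noprompt skips the fingerprint confirmation; same_cert checks it afterwards
    $KT -importcert -noprompt -alias "$4" -file "$1/$4.cert" \
        -keystore "$1/$2.jks" -storepass "$3" >/dev/null 2>&1
}

entry_type() {    # entry_type <store> <password> <alias>: prints the entry type
    $KT -list -v -alias "$3" -keystore "$1" -storepass "$2" 2>/dev/null |
        sed -n 's/^Entry type: //p'
}

same_cert() {     # same_cert <storeA> <passA> <storeB> <passB> <alias>
    a=$($KT -exportcert -rfc -alias "$5" -keystore "$1" -storepass "$2" 2>/dev/null) &&
    b=$($KT -exportcert -rfc -alias "$5" -keystore "$3" -storepass "$4" 2>/dev/null) &&
    [ -n "$a" ] && [ "$a" = "$b" ]
}

build_and_check() {   # build_and_check <dir>: 0 only if both stores are complete
    d=$1; sp=server_public_keypass; cp=client_public_keypass
    make_store "$d" server "$sp" && make_store "$d" client "$cp" &&
    trust_peer "$d" server "$sp" client && trust_peer "$d" client "$cp" server &&
    [ "$(entry_type "$d/server.jks" "$sp" server)" = PrivateKeyEntry ] &&
    [ "$(entry_type "$d/server.jks" "$sp" client)" = trustedCertEntry ] &&
    [ "$(entry_type "$d/client.jks" "$cp" client)" = PrivateKeyEntry ] &&
    [ "$(entry_type "$d/client.jks" "$cp" server)" = trustedCertEntry ] &&
    same_cert "$d/server.jks" "$sp" "$d/client.jks" "$cp" client &&
    same_cert "$d/server.jks" "$sp" "$d/client.jks" "$cp" server
}

# Run as: sh keystores.sh run   (writes into a fresh temporary directory)
if [ "${1:-}" = run ]; then
    build_and_check "$(mktemp -d)" && echo "keystores verified in $d"
fi
```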