1. Generate a keystore file containing a private key
[email protected]:~$ keytool -genkey -keystore keystore -alias jetty-azkaban -keyalg RSA
Enter keystore password:
Re-enter new password:
What is your first and last name?
  [Unknown]: azkaban
What is the name of your organizational unit?
  [Unknown]: Jetty
What is the name of your organization?
  [Unknown]: Aug
What is the name of your City or Locality?
  [Unknown]: SH
What is the name of your State or Province?
  [Unknown]: SH
What is the two-letter country code for this unit?
  [Unknown]: 86
Is CN=azkaban, OU=Jetty, O=Aug, L=SH, ST=SH, C=86 correct?
  [no]: yes
Enter key password for <jetty-azkaban2>
        (RETURN if same as keystore password):
2. Verify the generated keystore file
keytool -list -v -keystore keystore.jks
Enter keystore password:
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 1 entry
Alias name: jetty-azkaban
Creation date: Jul 9, 2014
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=azkaban, OU=Jetty, O=Aug, L=SH, ST=SH, C=86
Issuer: CN=azkaban, OU=Jetty, O=Aug, L=SH, ST=SH, C=86
Serial number: 5f84c457
Valid from: Wed Jul 09 15:09:41 CST 2014 until: Tue Oct 07 15:09:41 CST 2014
Certificate fingerprints:
         MD5: 2F:D3:D9:61:0E:DD:B5:CD:96:E0:5F:C0:C5:87:54:FD
         SHA1: FD:0B:B4:57:37:CE:7A:40:02:DF:43:2A:A0:2A:70:A5:AE:AE:45:51
         SHA256: D5:EE:99:BF:E6:31:FC:4E:B3:B4:CD:8B:07:1D:D1:44:D0:CD:91:D8:83:15:F8:9D:D9:5E:41:E1:AA:FB:45:CB
         Signature algorithm name: SHA256withRSA
         Version: 3
Extensions:
#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: B5 97 26 95 F0 F5 D4 9E 4C 28 84 28 D4 B0 21 90  ..&.....L(.(..!.
0010: 6E A7 1E E0                                      n...
]
]
*******************************************
*******************************************
3. Export the certificate file
[email protected]:~$ keytool -export -alias jetty-azkaban -keystore keystore.jks -rfc -file selfsignedcert.cer
Enter keystore password:
The generated CER file is as follows:
[email protected]:~$ cat selfsignedcert.cer
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
4. Import the certificate (CER file) into the truststore file
[email protected]:~$ keytool -import -alias certificatekey -file selfsignedcert.cer -keystore truststore.jks
Enter keystore password:
View the generated truststore file:
[email protected]:~$ keytool -list -v -keystore truststore.jks
Enter keystore password:
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 1 entry
Alias name: jetty-azkaban
Creation date: Jul 9, 2014
Entry type: trustedCertEntry
Owner: CN=azkaban, OU=Jetty, O=Aug, L=SH, ST=SH, C=86
Issuer: CN=azkaban, OU=Jetty, O=Aug, L=SH, ST=SH, C=86
Serial number: 5f84c457
Valid from: Wed Jul 09 15:09:41 CST 2014 until: Tue Oct 07 15:09:41 CST 2014
Certificate fingerprints:
         MD5: 2F:D3:D9:61:0E:DD:B5:CD:96:E0:5F:C0:C5:87:54:FD
         SHA1: FD:0B:B4:57:37:CE:7A:40:02:DF:43:2A:A0:2A:70:A5:AE:AE:45:51
         SHA256: D5:EE:99:BF:E6:31:FC:4E:B3:B4:CD:8B:07:1D:D1:44:D0:CD:91:D8:83:15:F8:9D:D9:5E:41:E1:AA:FB:45:CB
         Signature algorithm name: SHA256withRSA
         Version: 3
Extensions:
#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: B5 97 26 95 F0 F5 D4 9E 4C 28 84 28 D4 B0 21 90  ..&.....L(.(..!.
0010: 6E A7 1E E0                                      n...
]
]
*******************************************
*******************************************
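The four steps above end with two `keytool -list -v` listings that should describe the same certificate. The following Python check is an added example, not part of the original page: it parses both listings, confirms that the truststore trusts exactly the certificate held in the keystore, and reports whether it is self-signed and how long it is valid. The embedded listings are trimmed copies of the output shown above; the function names are this example's own.

```python
import re
from datetime import datetime

# Trimmed `keytool -list -v` output using the values from the listings above.
KEYSTORE_LISTING = """\
Alias name: jetty-azkaban
Entry type: PrivateKeyEntry
Owner: CN=azkaban, OU=Jetty, O=Aug, L=SH, ST=SH, C=86
Issuer: CN=azkaban, OU=Jetty, O=Aug, L=SH, ST=SH, C=86
Valid from: Wed Jul 09 15:09:41 CST 2014 until: Tue Oct 07 15:09:41 CST 2014
\t SHA256: D5:EE:99:BF:E6:31:FC:4E:B3:B4:CD:8B:07:1D:D1:44:D0:CD:91:D8:83:15:F8:9D:D9:5E:41:E1:AA:FB:45:CB
"""
# Truststore side: same certificate, stored as a trusted certificate entry.
TRUSTSTORE_LISTING = KEYSTORE_LISTING.replace("PrivateKeyEntry", "trustedCertEntry")

FIELDS = {
    "type": r"^Entry type: (.+)$",
    "owner": r"^Owner: (.+)$",
    "issuer": r"^Issuer: (.+)$",
    "sha256": r"^[ \t]*SHA256: ([0-9A-Fa-f:]+)[ \t]*$",
}

def parse_entry(listing):
    """Extract the fields of the first entry in a `keytool -list -v` listing."""
    entry = {}
    for name, pattern in FIELDS.items():
        m = re.search(pattern, listing, re.MULTILINE)
        entry[name] = m.group(1).strip() if m else None
    return entry

def validity_days(listing):
    """Length of the validity window in days, or None if the line is missing."""
    m = re.search(r"^Valid from: (.+?) until: (.+)$", listing, re.MULTILINE)
    if not m:
        return None
    def to_dt(text):
        p = text.split()  # drop the zone abbreviation (p[4]); strptime cannot parse "CST"
        return datetime.strptime(" ".join(p[:4] + p[5:]), "%a %b %d %H:%M:%S %Y")
    return (to_dt(m.group(2)) - to_dt(m.group(1))).days

def audit(keystore_listing, truststore_listing):
    """Compare the server key entry with what the truststore actually trusts."""
    ks, ts = parse_entry(keystore_listing), parse_entry(truststore_listing)
    same = ks["sha256"] is not None and ts["sha256"] is not None \
        and ks["sha256"].upper() == ts["sha256"].upper()
    return {
        "fingerprints_match": same,
        "self_signed": ks["owner"] is not None and ks["owner"] == ks["issuer"],
        "validity_days": validity_days(keystore_listing),
        "entry_types": (ks["type"], ts["type"]),
    }
```

A `validity_days` of 90 is keytool's default when `-genkey` is run without `-validity`, which is why the certificate in the listings expires on Oct 07, 2014. A missing or differing SHA256 line yields `fingerprints_match: False` rather than a silent pass.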