Key and Certificate Management
Keystore and truststore are files used by Java in order to authenticate both client and server when using the HTTPS protocol.
A keystore stores private keys and their associated certificates, whereas a truststore is a pool of trusted certificates that the client uses to authenticate connections to third parties.
Java's default truststore is the cacerts file located in the java.home/lib/security directory, where java.home is the runtime environment's directory.
The default password of Java's default truststore is changeit.
For more details on key and certificate management with the keytool utility, please refer to the keytool man page or the online documentation.
Import a private key
The Java keytool utility does not support importing a private key directly from a file.
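First convert the private key and its certificate into PKCS12 format, then merge that file into the Java keystore. The -name option sets the alias of the entry in the PKCS12 file, which keytool needs as -srcalias because it accepts -destalias only together with -srcalias:
$ openssl pkcs12 -export -in server.crt -inkey server.key -name company -out file.p12
$ keytool -importkeystore -srckeystore file.p12 -destkeystore file.keystore -srcstoretype PKCS12 -srcalias company -destalias company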
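The script below is an added example, not part of the product documentation: it wraps the private key import with the checks worth making around it (the key and certificate really belong together, the store password stays off the command line, the intermediate PKCS12 file is removed, and the resulting entry is a private key entry). The function names, file arguments and the STOREPASS environment variable are assumptions.

```shell
#!/bin/sh
# Added example (not from the product documentation). Function names, file
# arguments and the STOREPASS variable are assumptions.

# key_matches_cert KEY CRT
# Returns 0 if the certificate carries the public key derived from the private
# key, 1 if the keys differ, 2 if either file cannot be parsed.
key_matches_cert() {
    key_pub=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 2
    crt_pub=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 2
    [ "$key_pub" = "$crt_pub" ]
}

# import_key_pair KEY CRT ALIAS KEYSTORE
# Runs the openssl and keytool steps only after the pair is confirmed to match.
# The store password is read from the exported variable STOREPASS (at least six
# characters), so it does not appear in the process list. The intermediate
# PKCS12 file holds a copy of the private key and is deleted in every case.
import_key_pair() {
    key_matches_cert "$1" "$2" || {
        echo "private key and certificate do not match" >&2
        return 1
    }
    p12=$(mktemp) || return 1
    if openssl pkcs12 -export -in "$2" -inkey "$1" -name "$3" \
           -passout env:STOREPASS -out "$p12" &&
       keytool -importkeystore -noprompt \
           -srckeystore "$p12" -srcstoretype PKCS12 \
           -srcstorepass:env STOREPASS -srcalias "$3" \
           -destkeystore "$4" -deststorepass:env STOREPASS \
           -destalias "$3" >/dev/null 2>&1
    then
        rc=0
    else
        rc=1
    fi
    rm -f "$p12"
    [ "$rc" -eq 0 ] || return 1
    # The alias must hold a private key entry, not a bare trusted certificate.
    keytool -list -keystore "$4" -storepass:env STOREPASS -alias "$3" \
        2>/dev/null | grep -q PrivateKeyEntry
}
```

After sourcing the file, export STOREPASS and call import_key_pair server.key server.crt company file.keystore.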
Import a certificate
To import a certificate into a keystore/truststore:
$ keytool -importcert -keystore file.keystore -file file.crt -alias company
You can now use the keystore and certificate alias to configure HTTPS access to your Squore installation following the instructions in Accessing Squore via HTTPS.