Skip to main content

How to provide certificates for truststore, keystore?

Please note these java.net forums are being decommissioned and use the new and improved forums at https://community.oracle.com/community/java.
1 reply [Last post]
Stephan Schröde...
Offline
Joined: 2011-01-07

Hi,

i want to use WebServices with Mutual Certificates Security. I did the standard tutorial (http://metro.java.net/guide/Example_Applications.html#ahiem) so i have the basic setup working with development defaults for keystore and truststore. And now i'm a little lost trying to understand how to create the certificates that need to go into key- and truststore server- and clientside. (I'm sure keytool has to do with it, but which certificate signs which?)
I know what asymetric keys and certificates are, just never had to use them.

Regards,
Stephan

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
dsosnoski
Offline
Joined: 2003-07-24

Hi Stephan,

You might find my article
http://www.ibm.com/developerworks/java/library/j-jws5/index.html#N10369
useful. The stated topic of this article is Axis2 (some later ones in
the series cover Metro), but the linked "Using your own self-signed
certificates" covers working with keytool to construct certificates and
set up keystores/truststores.

- Dennis

Dennis M. Sosnoski
Java SOA and Web Services Consulting
Axis2/CXF/Metro SOA and Web Services Training

Web Services Jump-Start

On 01/08/2011 05:40 AM, "Stephan Schröder" wrote:
> Hi,
>
> i want to use WebServices with Mutual Certificates Security. I did the standard tutorial (http://metro.java.net/guide/Example_Applications.html#ahiem) so i have the basic setup working with development defaults for keystore and truststore. And now i'm a little lost trying to understand how to create the certificates that need to go into key- and truststore server- and clientside. (I'm sure keytool has to do with it, but which certificate signs which?)
> I know what asymetric keys and certificates are, just never had to use them.
>
> Regards,
> Stephan
>