Skip to main content

create a keystore with keytool

No replies
thanhtien501
Offline
Joined: 2011-01-20
Points: 0

Dear all
I can not create a keystore as same as the default keystore.jks

in the default keystore.jks of glashfish, there is some other sections: extention:
#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 75 51 36 F7 2B 32 15 6F E2 0F 59 5A DD D7 5E 3F uQ6.+2.o..YZ..^?
0010: 33 3A 21 6A 3:!j
]
]
...

but in my keystore there is nothing

So How can i create a keystore like the default keystore in glashfish
Thank you
PS:I create a keytore using command line :
keytool -genkey -alias tientest -keypass 1qazxsw2 -keystore tien_KeyStore1.jks -storepass 1qazxsw2 -keyalg RSA -dname "CN=BIDC, OU=TEST, O=TEST0, L=DFW, ST=TX, C=US" -validity 3650
and review i:
keytool -list -v -keystore tien_keystore1.jks

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 1 entry

Alias name: tientest
Creation date: Jan 24, 2011
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=BIDC, OU=TEST, O=TEST0, L=DFW, ST=TX, C=US
Issuer: CN=BIDC, OU=TEST, O=TEST0, L=DFW, ST=TX, C=US
Serial number: 4d3cf22e
Valid from: Mon Jan 24 10:29:50 ICT 2011 until: Thu Jan 21 10:29:50 ICT 2021
Certificate fingerprints:
MD5: EA:FE:14:FB:FD:10:4E:99:F2:36:B8:8B:86:3A:AA:1E
SHA1: 07:76:B3:AE:00:00:FB:03:BD:61:F0:4D:8C:79:FB:86:DC:99:29:88
Signature algorithm name: SHA1withRSA
Version: 3

*******************************************
*******************************************

It is a little differen with the defaul keystore.jks in glashfish:

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 4 entries

Alias name: xws-security-server
Creation date: Jan 21, 2011
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=xwssecurityserver, OU=SUN, O=Internet Widgits Pty Ltd, ST=Some-State, C=AU
Issuer: CN=SUNCA, OU=JWS, O=SUN, ST=Some-State, C=AU
Serial number: 2
Valid from: Mon Mar 12 17:18:05 ICT 2007 until: Thu Mar 09 17:18:05 ICT 2017
Certificate fingerprints:
MD5: E4:E3:A9:02:3C:B0:36:0C:C1:48:6E:0E:3E:5C:5E:84
SHA1: 4F:35:F9:38:66:92:F4:5B:6C:C3:5B:7E:78:6C:9F:06:62:5B:95:67
Signature algorithm name: MD5withRSA
Version: 3

Extensions:

#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 75 51 36 F7 2B 32 15 6F E2 0F 59 5A DD D7 5E 3F uQ6.+2.o..YZ..^?
0010: 33 3A 21 6A 3:!j
]
]

#2: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
]

#3: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 67 BA 65 C6 CE 95 C8 E3 8E 4D 21 72 A2 30 D5 D3 g.e......M!r.0..
0010: F6 18 8C 95 ....
]

[CN=SUNCA, OU=JWS, O=SUN, ST=Some-State, C=AU]
SerialNumber: [ db1e425a aba2a28e]
]

#4: ObjectId: 2.16.840.1.113730.1.13 Criticality=false

*******************************************
*******************************************

Alias name: wssip
Creation date: Jan 21, 2011
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=WSSIP, OU=SUN, O=Internet Widgits Pty Ltd, ST=Some-State, C=AU
Issuer: CN=SUNCA, OU=JWS, O=SUN, ST=Some-State, C=AU
Serial number: 4
Valid from: Tue Mar 13 13:55:25 ICT 2007 until: Fri Mar 10 13:55:25 ICT 2017
Certificate fingerprints:
MD5: 1A:0E:E9:69:7D:D0:80:AD:5C:85:47:91:EB:0D:11:B1
SHA1: 42:3D:7D:0C:EF:AA:A0:D9:ED:04:93:D3:E2:11:43:E7:B5:45:8A:7E
Signature algorithm name: MD5withRSA
Version: 3

Extensions:

#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 1B 1D CC 8B 24 E2 CC 5C 4C 6C CC 95 78 F4 83 85 ....$..\Ll..x...
0010: E4 D8 E0 9C ....
]
]

#2: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
]

#3: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 67 BA 65 C6 CE 95 C8 E3 8E 4D 21 72 A2 30 D5 D3 g.e......M!r.0..
0010: F6 18 8C 95 ....
]

[CN=SUNCA, OU=JWS, O=SUN, ST=Some-State, C=AU]
SerialNumber: [ db1e425a aba2a28e]
]

#4: ObjectId: 2.16.840.1.113730.1.13 Criticality=false

*******************************************
*******************************************

Alias name: xws-security-client
Creation date: Jan 21, 2011
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=xwssecurityclient, OU=SUN, O=Internet Widgits Pty Ltd, ST=Some-State, C=AU
Issuer: CN=SUNCA, OU=JWS, O=SUN, ST=Some-State, C=AU
Serial number: 3
Valid from: Mon Mar 12 17:24:40 ICT 2007 until: Thu Mar 09 17:24:40 ICT 2017
Certificate fingerprints:
MD5: D1:45:A1:A9:6D:A9:57:9F:69:35:E3:4C:63:B6:98:C9
SHA1: 47:45:53:77:60:84:69:34:C3:DE:A2:7F:94:0A:26:9B:7D:47:01:14
Signature algorithm name: MD5withRSA
Version: 3

Extensions:

#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: FE 62 2D 7E FB 85 75 2E C0 D0 60 B2 B0 4E F5 4C .b-...u...`..N.L
0010: 54 71 3F 67 Tq?g
]
]

#2: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
]

#3: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 67 BA 65 C6 CE 95 C8 E3 8E 4D 21 72 A2 30 D5 D3 g.e......M!r.0..
0010: F6 18 8C 95 ....
]

[CN=SUNCA, OU=JWS, O=SUN, ST=Some-State, C=AU]
SerialNumber: [ db1e425a aba2a28e]
]

#4: ObjectId: 2.16.840.1.113730.1.13 Criticality=false

*******************************************
*******************************************

Alias name: s1as
Creation date: Jan 6, 2011
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=localhost, OU=GlassFish, O=Oracle Corporation, L=Santa Clara, ST=California, C=US
Issuer: CN=localhost, OU=GlassFish, O=Oracle Corporation, L=Santa Clara, ST=California, C=US
Serial number: 4d2524dd
Valid from: Thu Jan 06 09:11:41 ICT 2011 until: Sun Jan 03 09:11:41 ICT 2021
Certificate fingerprints:
MD5: C2:38:C5:4A:2E:77:DF:29:31:D9:7E:5B:5E:58:77:B9
SHA1: BF:8D:65:6F:AB:21:0B:32:20:0D:4D:FF:DF:80:6B:0C:4C:FF:6D:A2
Signature algorithm name: SHA1withRSA
Version: 3

Extensions:

#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: F3 A3 70 59 14 97 15 A3 74 95 10 3F 23 E3 5E C4 ..pY....t..?#.^.
0010: AE 20 6D F3 . m.
]
]

*******************************************
*******************************************