Create a new keystore to host a server ssl certificate

About About
- Excellence
- Open Source
- Team
- Case History
- Partners
Solutions Solutions
- Education
  
  A complete and tested solution for the world of Education
- Healthcare
  
  A complete and tested solution for the world of Healthcare
- PA
  
  A complete and tested solution for the world of Public Administration
- Financial
  
  A complete and proven solution for the word of Finance
- Tailored
  
  A completely customized and proven solution for your needs
Develop Develop
Blog
Support
Contacts Contacts

Written by

Few basic steps to create a complete keystore to host a server certificate. Create your custom self-signed CA if not yet available a trusted one # openssl genrsa -des3 -out ca.key 1024 # openssl req -new -x509 -day

Few basic steps to create a complete keystore to host a server SSL certificate.

Create your custom self-signed CA if not yet available a trusted one

openssl genrsa -des3 -out ca.key 1024

openssl req -new -x509 -days 3650 -key ca.key -out ca.cer -config openssl.cnf

Generate your server private key

keytool -genkey -alias server -dname "CN=www.tirasa.net, OU=ITC, O=Tirasa, L=Pescara, ST=Italy, C=IT" -storepass password -keystore keystore -keyalg RSA -keypass password

Import the CA create above into your new keystore

keytool -import -alias ca -file ca.cer  -keypass password -keystore keystore -storepass password

Generate your certificate request

keytool -certreq -alias server -keyalg RSA -file tirasa.req -keypass password -keystore keystore -storepass password

Sign request with your CA

openssl ca -config openssl.cnf -days 3650 -cert ca.cer -keyfile ca.key -out tirasa.pem -infiles tirasa.req

Modify server certificate.
Remove all excluding what inside BEGIN/END CERTIFICATE

 -----BEGIN CERTIFICATE-----
              MIIDHzCCAoigAwIBAgIBEjANBgkqhkiG9w0BAQQFADBfMQswCQYDVQQGEwJJVDEO
              ........
              -----END CERTIFICATE-----

Genberate DER certificate from your modified PEM

openssl x509 -in tirasa.pem -outform DER -out tirasa.der

Import DER certificate.
Make sure to use the same alias used for the private key.

keytool -import -alias server -file tirasa.der -keypass password -keystore keystore -storepass password

0 VOTI

Not rated yet

Ti è stato utile questo articolo?

From Tirasa's Blog

The place where we share what we do, learn and discover day by day.

16/01/2024

Tirasa

Syncope 3.0: why you need it and don't know it

Blog

Digital evolution has made secure and efficient identity and access management crucial, both in cloud and on-premises...

Apache Syncope

Access Management

Identity Management

17/11/2023

Tirasa

Apereo CAS and the access to On-Premises and Cloud Applic...

Blog

In recent years, an increasing number of companies have embraced cloud migration to benefit from greater flexibility,...

Access Management

Security

Apereo CAS

11/07/2023

Tirasa

Why if you use Apereo CAS you should consider implementin...

Blog

Apereo CAS is a powerful tool for managing authentication and authorization in your organization, but it can sometime...

Apache Syncope

Open Source

Apereo CAS

02/05/2023

Tirasa

IAM and privacy: how an IAM solution can help companies c...

Blog

Data privacy and security are essential concerns for companies operating in today's digital age. Cyber threats and da...

Open Source

Access Management

Identity Management

22/03/2023

Tirasa

Managing vendor access and securing corporate information...

Blog

In today's business landscape, companies often rely on external vendors to provide specialized services and support. ...

Access Management

Identity Management

Security

20/02/2023

Misagh Moayyed

Apache Syncope Web Access - Design & Architecture

Blog

One of the major features of Syncope 3.0 Maggiore is the new component Web Access (WA): let's understand how it works.

Apache Syncope

Access Management

15/02/2023

Francesco Chicchiriccò

Protecting web applications with Syncope 3.0 / Part 3

Blog

Now that web applications are protected by Syncope 3.0, it's time to get back in control about which users can access.

Apache Syncope

Access Management

Identity Management

07/12/2022

Francesco Chicchiriccò

Protecting web applications with Syncope 3.0 / Part 2

Blog

Following our previous post, we are going to show how to protect legacy web applications with Syncope 3.0 Maggiore.

Apache Syncope

Access Management

23/11/2022

Francesco Chicchiriccò

Protecting web applications with Syncope 3.0 / Part 1

Blog

Let's leverage some of the new features in Apache Syncope 3.0 Maggiore to protect web applications.

Apache Syncope

Access Management

25/09/2022

Misagh Moayyed

Apereo CAS - SSO Session Management

Blog

One of the most important and perhaps most popular features of Apereo CAS is its ability, as an identity provider, to...

Access Management

Apereo CAS

04/08/2021

Misagh Moayyed

Privileged Access Management (PAM) with Apereo CAS

Blog

Privileged Access Management (PAM) describes systems that can manage elevated permissions on a special set of account...

Access Management

Apereo CAS

02/03/2021

Misagh Moayyed

Apereo CAS - SAML 2.0 Metadata Caching

Blog

Caching SAML 2.0 metadata exchanges with Apereo CAS.

Access Management

Apereo CAS

30/05/2020

Marco Di Sabatino Di Diodoro

Managing Okta Users with Apache Syncope

Blog

Managing users on different platforms is one of the goals that Apache Syncope has set itself. In recent months we hav...

Apache Syncope

ConnId

24/03/2020

Matteo Alessandroni

Apache Syncope:log in via SAML 2.0 using Apereo CAS

Blog

How to configure Apache Syncope to log in via SAML 2.0 using Apereo CAS

Apache Syncope

Access Management

13/02/2020

Andrea Patricelli

Dynamic Spring's @Transactional (2020 edition)

Blog

Spring's declarative transaction management on steroids

Java

25/11/2019

Federico Palmitesta

Ansible & Apache Syncope

Blog

Ansible is an IT automation engine for cloud provisioning, configuration management, application deployment, intra-se...

Apache Syncope

Identity Management

05/09/2019

Misagh Moayyed

Andiamo, Tirasa!

Blog

I am excited to join forces with the good folks at Tirasa, to continue working on open-source identity and access man...

News

03/09/2019

Dima Ayash

SCIM to provision users from Azure AD to OpenLDAP

Blog

SCIM is a standard for automating the exchange of user identity information between identity domains.

Apache Syncope

Identity Management

07/05/2019

Marco Di Sabatino Di Diodoro

Managing Google Apps Accounts with Apache Syncope

Blog

Many organizations are migrating to Google Apps, a suite focused on productivity, collaboration and communication.

Apache Syncope

ConnId

15/03/2019

Tirasa

Tirasa is commercial affiliate of the Apereo Foundation

Blog

Our commitment in the Open Source world keeps growing

News

Go to blog >