Wednesday, 4 August 2021

Generating CSR certificate using Keytool

 Perquisites: Need to have Keytool (which is present in the Jdk bin folder)


For generating the key store need to enter in the command prompt the below

keytool -genkey -alias docx -keyalg RSA -keystore docx

Beside alias you need give the file generation name. I have given docx.  you can change the keystore value.

Once you enter in the command prompt the below will be generated

Enter keystore password:

Re-enter new password:

What is your first and last name?

  [Unknown]:  test.test.com

What is the name of your organizational unit?

  [Unknown]:  test

What is the name of your organization?

  [Unknown]:  test

What is the name of your City or Locality?

  [Unknown]:  Singapore

What is the name of your State or Province?

  [Unknown]:  Singapore

What is the two-letter country code for this unit?

  [Unknown]:  SE

Is CN=test.test.com, OU=Agility, O=test, L=Singapore, ST=Singapore, C=SE correct?

  [no]:  yes


Once the activity is completed a file is generated with docx from the above command.


If you required the .csr file to be generate from the docx file need to run the below command.

c:\temp>keytool -certreq -keyalg RSA -alias docx -file docx.csr -keystore docx

once click enter then it will ask for password.

Enter keystore password:

File will be generated.


After getting the root.crt, intermidate.crt & servercertificate.crt file 

Run the below commands in the server 

keytool -import -alias root -keystore docxuat -trustcacerts -file root.crt

keytool -import -alias intermediate -keystore docx -trustcacerts -file intermediate.crt

keytool -import -alias docx -keystore docx -file ServerCertificate.cr

------------------------

once done for applying in the network need to run the below commands


keytool -importkeystore -srckeystore docx.jks -destkeystore docx.p12 -deststoretype PKCS12 -srcalias docx -srcstorepass Agility@123 -srckeypass Agility@123 -destalias docx -deststorepass Agility@123 -destkeypass Agility@123


openssl pkcs12 -in docx.p12 -nocerts -nodes -out docx.key

openssl pkcs12 -export -out docxfinalcrt.pfx -inkey docx.key -in docx.txt

Posted by at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)