Sun Microsystems 5.1.1 Network Cables User Manual


 
Chapter 4 Section 4.4
Operating SSL Using the OpenSSL Utility
HTTPS eWay Adapter User’s Guide 38 Sun Microsystems, Inc.
create an initial serial number file used for tracking certificate signing. This
certificate will be valid for 365 days.
4
keytool -import -keystore clientkeystore -file client.cer -alias client
Enter keystore password: seebeyond
keytool error: java.lang.Exception: Failed to establish chain from reply
You get an exception because the client certificate does not carry a certificate
chain, so you must first import the CA’s certificate into the KeyStore. You can then
import client.cer itself to form a certificate chain. Use the following steps:
5
keytool -import -keystore clientkeystore -file CA
ca-certificate.pem.txt -alias theCARoot
Enter keystore password: seebeyond
Owner: EmailAddress=development@seebeyond.com, CN=development.seebeyond.com, OU=Development, O=SeeBeyond, L=Monrovia, ST=California, C=US
Issuer: EmailAddress=development@seebeyond.com, CN=development.seebeyond.com, OU=Development, O=SeeBeyond, L=Monrovia, ST=California, C=US
Serial number: 0
Valid from: Tue May 08 15:09:07 PDT 2001 until: Wed May 08 15:09:07 PDT 2002
Certificate fingerprints:
MD5: 60:73:83:A0:7C:33:28:C3:D3:A4:35:A2:1E:34:87:F0
SHA1: C6:D0:C7:93:8E:A4:08:F8:38:BB:D4:11:03:C9:E6:CB:9C:D0:72:D0
Trust this certificate? [no]: yes
Certificate was added to keystore
6
keytool -import -keystore clientkeystore -file client.cer -alias client
Enter keystore password: seebeyond
Certificate reply was installed in keystore
Now that the KeyStore clientkeystore holds a private key and its associated
certificate chain, it can be used as the KeyStore for client (eWay) authentication.
The only caveat is that the CA certificate must be imported into the trusted
certificate store of the Web server to which you will be connecting. Moreover, the
Web server must be configured for client authentication (httpd.conf for Apache, for
example).
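Why step 4 fails and steps 5 and 6 succeed, as an added example (not from the original guide, and not keytool's own code): a simplified Python model of chain building that links certificates by issuer and subject name only and does not verify signatures. The client DN, the abbreviated CA DN and all function names are constructed for illustration.

```python
# Added example: simplified model of keytool's check for a certificate reply.
# Certificates are linked by issuer/subject name only; signatures are not verified.
from collections import namedtuple

Cert = namedtuple("Cert", "subject issuer")
ERR = "Failed to establish chain from reply"   # message shown in step 4

# CA DN abbreviated from the page (Owner == Issuer, so it is self-signed).
CA = Cert("CN=development.seebeyond.com, O=SeeBeyond",
          "CN=development.seebeyond.com, O=SeeBeyond")
# Client DN is constructed for this example.
CLIENT = Cert("CN=client.example (constructed)", CA.subject)


class ChainError(Exception):
    pass


def establish_chain(reply, trusted):
    """Return [reply, ..., root]; trusted maps alias -> Cert."""
    by_subject = {c.subject: c for c in trusted.values()}
    chain = [reply]
    while chain[-1].subject != chain[-1].issuer:   # walk up until self-signed
        parent = by_subject.get(chain[-1].issuer)
        if parent is None or parent in chain:      # unknown issuer or a loop
            raise ChainError(ERR)
        chain.append(parent)
    if chain[-1] not in by_subject.values():       # root must already be trusted
        raise ChainError(ERR)
    return chain


def replay_steps():
    """Replay steps 4 to 6 against an initially empty set of trusted entries."""
    trusted = {}
    try:                                           # step 4: client.cer first
        establish_chain(CLIENT, trusted)
        step4 = "installed"
    except ChainError as exc:
        step4 = str(exc)
    trusted["theCARoot"] = CA                      # step 5: import the CA
    chain = establish_chain(CLIENT, trusted)       # step 6: client.cer again
    return step4, [c.subject for c in chain]


if __name__ == "__main__":
    print(replay_steps())
```

The same walk covers intermediate CAs: every issuer up to a self-signed root must already be a trusted entry before the reply can be installed.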
4.4.3 Windows OpenSSL.cnf File Example
This section contains the contents of the openssl.cnf file that can be used on Windows.
Be sure to make the appropriate changes to the directories.
#
# SSLeay example properties file.