Loading

How to create a self-signed Keystore and Trustore SSL Certificate with Java Keytool

Julkaisupäivä: Mar 2, 2024
Tehtävä

GOAL


This article explains how to create both Keystore and truststore SSL certificates using Java keytool utility.
JDK must be installed on the system.  The keytool utility is available in JAVA_HOME\bin directory

Three are the steps needed to generate the needed assets to use in our Mule app to have trusted
communications:

.
├── keystore.jks
├── localhost.cer
└── truststore.jks


 

Vaiheet

 

1. Create the Keystore certificate:

     Keystore is a server-side asset that stores the private keys and the certificates with their public and private keys
  
keytool -v -genkeypair -keyalg RSA -dname "cn=MuleSoft, ou=MuleSoft, o=MuleSoft,L=San Francisco, st=CA, c=US" -ext SAN="DNS:localhost,IP:127.0.0.1" -validity 1825 -alias mykeyalias -keystore keystore.jks -keypass mule123 -storepass mule123
 

2. Export the Certificate to add it into Truststore:  

    Export the certificate so that we can use it in the Truststore.
  
keytool -export -alias mykeyalias -file localhost.cer -keystore keystore.jks
 

3. Create a Trustore certificate:

    Truststore is a client-side asset that serves as a repository of certificates (CA or simple) that the client should trust.
  
keytool -import -v -trustcacerts -alias mykeyalias -file localhost.cer -keystore truststore.jks

 


 

Disclaimer: 
These set of steps are provided as a reference for your own usage and is not to be considered a MuleSoft product.
Same time, using self-signed SSL certificates is not recommended for using on Production environments.

Reference Link: 
How to create a self-signed certificate

Knowledge-artikkelin numero

001115916

 
Ladataan
Salesforce Help | Article