-
Notifications
You must be signed in to change notification settings - Fork 12
/
Copy pathREADME
60 lines (33 loc) · 1.48 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
Overview
========
ImportKey is a patched version of
http://www.agentbob.info/agentbob/80/version/default/part/AttachmentData/data/ImportKey.java
with the certificate chain import code fixed.
Requirements
============
* Java 1.5+
Pre-Flight Instructions
=======================
* Make sure all keys/certs are in .der format
openssl pkcs8 -topk8 -nocrypt -in key.pem -inform PEM -out key.der -outform DER
openssl x509 -in cert.pem -inform PEM -out cert.der -outform DER
* For certificate chains: cat all the certs together
cat cert.der server-chain2.der server-chain1.der ct_root.der > certs.der
* Build ImportKey
javac ImportKey.java
Usage
=====
java ImportKey <private key> <certificate> [<alias>]
Example
=======
java ImportKey key.der cert.der "My Alias"
Changing the Keystore password
==============================
To change the Keystore password to something else you use keytool which is supplied with Sun Java.
So to change it from *importkey* to *mypassword* you would do the following:
keytool -storepasswd -v -keystore ~/keystore.ImportKey -storepass importkey -new mypassword
Also we generally want to change the keypass to the same as the storepass (it too will be set to *importkey*:
keytool -keypasswd -v -alias "My Alias" -keystore ~/keystore.ImportKey -storepass mypassword -keypass importkey -new mypassword
Thanks
======
Kudos to Jochen Seifarth http://www.agentbob.info/ for creating ImportKey which works around keytool's stupid limitations.