Skip to content

Add a Certificate to a JDK Installation

> sudo /depot/jdk-1.6/bin/keytool -keystore /depot/jdk-1.6/jre/lib/security/cacerts -import -file example.pem -alias EXAMPLE
Password:
Enter keystore password:
Owner: CN=dc02, DC=example, DC=com
Issuer: CN=dc01, DC=example, DC=com
Serial number: 70e889ad000000000009
Valid from: Mon Mar 30 15:56:24 PDT 2009 until: Wed Mar 30 16:06:24 PDT 2011
Certificate fingerprints:
MD5: 5B:2E:90:C6:2D:3F:C9:9F:8D:E6:9D:15:AD:3C:0A:AD
SHA1: B9:0B:62:65:72:72:80:0B:1E:8F:71:B5:87:A7:FB:6D:E8:A5:34:E5
Signature algorithm name: SHA1withRSA
Version: 3
Extensions:
#1: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]
#2: ObjectId: 1.3.6.1.4.1.311.21.2 Criticality=false
#3: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
#4: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 23 A9 82 4C 1A EC 2B 6B 61 A4 FE A3 76 67 A0 E3 #..L..+ka...vg..
0010: C8 BF 53 7E ..S.
]
]
#5: ObjectId: 1.3.6.1.4.1.311.21.1 Criticality=false
#6: ObjectId: 1.3.6.1.4.1.311.20.2 Criticality=false
#7: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[
accessMethod: 1.3.6.1.5.5.7.48.2
accessLocation: URIName: ldap:///CN=dc01,CN=AIA,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=example,DC=com?cACertificate?base?objectClass=certificationAuthority,
accessMethod: 1.3.6.1.5.5.7.48.2
accessLocation: URIName: http://dc01.example.com/CertEnroll/dc01.example.com_dc01.crt]
]
#8: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: ldap:///CN=dc01,CN=dc01,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=example,DC=com?certificateRevocationList?base?objectClass=cRLDistributionPoint, URIName: http://dc01.example.com/CertEnroll/dc01.crl]
]]
#9: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: A7 BB 47 5D 87 FE B3 00 06 6D F9 F0 05 E4 E0 02 ..G].....m......
0010: D3 4E BE F3 .N..
]
]
Trust this certificate? [no]: yes
Certificate was added to keystore

The default password is “changeit” – you did change it, right?

Post a comment Trackback URI RSS 2.0 feed for these comments This entry (permalink) was posted on Tuesday, February 2, 2010, at 2:01 pm by admin. Filed in Java.

Post a Comment

Your email is never published nor shared. Required fields are marked *
*
*