Jun 9, 2017

How to setup a HTTPS server

Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

C:\Users\Administrator>cd %JAVA_HOME%

C:\Program Files\Java\jdk1.8.0_65>cd bin

C:\Program Files\Java\jdk1.8.0_65\bin>keytool -help
Key and Certificate Management Tool

Commands:

 -certreq            Generates a certificate request
 -changealias        Changes an entry's alias
 -delete             Deletes an entry
 -exportcert         Exports certificate
 -genkeypair         Generates a key pair
 -genseckey          Generates a secret key
 -gencert            Generates certificate from a certificate request
 -importcert         Imports a certificate or a certificate chain
 -importpass         Imports a password
 -importkeystore     Imports one or all entries from another keystore
 -keypasswd          Changes the key password of an entry
 -list               Lists entries in a keystore
 -printcert          Prints the content of a certificate
 -printcertreq       Prints the content of a certificate request
 -printcrl           Prints the content of a CRL file
 -storepasswd        Changes the store password of a keystore

Use "keytool -command_name -help" for usage of command_name

Generating own SSL RSA key using java keytool

C:\Program Files\Java\jdk1.8.0_65\bin>keytool -genkey -alias tomcat -keyalg RSA
Enter keystore password: abc@123
Re-enter new password: abc@123
What is your first and last name?
  [Unknown]:  raghavendra B A
What is the name of your organizational unit?
  [Unknown]:  srh
What is the name of your organization?
  [Unknown]:  srh
What is the name of your City or Locality?
  [Unknown]:  bangalore
What is the name of your State or Province?
  [Unknown]:  karnataka
What is the two-letter country code for this unit?
  [Unknown]:  in
Is CN=raghavendra B A, OU=srh, O=srh, L=bangalore, ST=karnataka, C=in correct?
  [no]:  yes

Enter key password for
        (RETURN if same as keystore password):

Output:
the file will be generated at the location C:\Users\Administrator as .keystore

If you want to specify the location and name during the process then use -keystore filename
example:
C:\Program Files\Java\jdk1.8.0_65\bin>keytool -genkey -alias tomcat -keyalg RSA
-keystore C:\Users\Administrator\Desktop\mykey

Apache Tomcat 8 configuration in server.xml

 <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS" 
  keystoreFile="C:\Users\Administrator\Desktop\SRHSSLKey"
          keystorePass="baikadi@99"/>

Used https://www.opinionatedgeek.com/codecs/htmlencoder for encoding the above code snippet 

Checking the working of HTTPS

https://localhost:8443/

No comments:

Post a Comment