jamesnguyen101 · January 14, 2019 10:03
diff --git a/ssl-self-signed.txt b/ssl-self-signed.txt

 ## PA 1: Import the certificate into the Java Store
   keytool -import  -keystore $JAVA_HOME/jre/lib/security/cacerts -file $CERT_FILE  -storepass "changeit" -alias $ALIAS	

 ## PA 2: run java app with arguments 
 java -Djavax.net.ssl.trustStore=my-domain.com.jks -Djavax.net.ssl.trustStorePassword=sb1234  Get https://selfsigned.my-domain.com

 ## PA 3: custom  code

 ... 

 ############################################  SSL guide

 	PEM_FILE=my-domain.pem
 	JKS_FILE=my-domain.jks
 	P12_FILE=my-domain.p12
 	CSR_FILE=my-domain.csr
 	KEY_FILE=my-domain.key
 	CERT_FILE=my-domain.cert
 	DOMAIN=my-domain.com
 	PASS=ab#1234

 ## create self-signed certificate

 	openssl genrsa -out $KEY_FILE 2048
 	openssl req -new -out $CSR_FILE -key $KEY_FILE
 	openssl x509 -req -days 365 -in $CSR_FILE -signkey $KEY_FILE -out $CERT_FILE

 ## Convert the certificate and private key to PKCS 12
 	openssl pkcs12 -export -in $CERT_FILE -inkey $KEY_FILE -name $DOMAIN -out $P12_FILE
 	
 ## Convert the pkcs12 to pem file 
 	openssl pkcs12 -in $P12_FILE -out $PEM_FILE
 			   
 ## Convert the pkcs12 file to a java keystore

 	keytool -importkeystore -deststorepass $PASS -destkeypass $PASS -destkeystore $JKS_FILE	-srckeystore $P12_FILE -srcstoretype PKCS12 -srcstorepass $PASS -alias $DOMAIN

 ## convert PKCS 12 file to cert file and key|pem file
 	# convert to cert file
 	openssl pkcs12 -in $P12_FILE -out newfile.cert -clcerts -nokeys
 	# convert to key|pem file
 	openssl pkcs12 -in $P12_FILE -out newfile.key -nocerts -nodes

 ############################################# Java code test
 import java.net.URL;
 public class Get
 {
   public static void main( String[] args ) throws Exception
   {
       try
       {
           new URL( args[0] ).openConnection().getInputStream();
           System.out.println( "Succeeded." );
       }
       catch( javax.net.ssl.SSLHandshakeException e )
       {
           System.out.println( "SSL exception." );
       }
   }
 }


 ## run
 javac Get.java 
 java Get https://selfsigned.my-domain.com

	## PA 1: Import the certificate into the Java Store
	keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts -file $CERT_FILE -storepass "changeit" -alias $ALIAS

	## PA 2: run java app with arguments
	java -Djavax.net.ssl.trustStore=my-domain.com.jks -Djavax.net.ssl.trustStorePassword=sb1234 Get https://selfsigned.my-domain.com

	## PA 3: custom code

	...

	############################################ SSL guide

	PEM_FILE=my-domain.pem
	JKS_FILE=my-domain.jks
	P12_FILE=my-domain.p12
	CSR_FILE=my-domain.csr
	KEY_FILE=my-domain.key
	CERT_FILE=my-domain.cert
	DOMAIN=my-domain.com
	PASS=ab#1234

	## create self-signed certificate

	openssl genrsa -out $KEY_FILE 2048
	openssl req -new -out $CSR_FILE -key $KEY_FILE
	openssl x509 -req -days 365 -in $CSR_FILE -signkey $KEY_FILE -out $CERT_FILE

	## Convert the certificate and private key to PKCS 12
	openssl pkcs12 -export -in $CERT_FILE -inkey $KEY_FILE -name $DOMAIN -out $P12_FILE

	## Convert the pkcs12 to pem file
	openssl pkcs12 -in $P12_FILE -out $PEM_FILE

	## Convert the pkcs12 file to a java keystore

	keytool -importkeystore -deststorepass $PASS -destkeypass $PASS -destkeystore $JKS_FILE -srckeystore $P12_FILE -srcstoretype PKCS12 -srcstorepass $PASS -alias $DOMAIN

	## convert PKCS 12 file to cert file and key\|pem file
	# convert to cert file
	openssl pkcs12 -in $P12_FILE -out newfile.cert -clcerts -nokeys
	# convert to key\|pem file
	openssl pkcs12 -in $P12_FILE -out newfile.key -nocerts -nodes

	############################################# Java code test
	import java.net.URL;
	public class Get
	{
	public static void main( String[] args ) throws Exception
	{
	try
	{
	new URL( args[0] ).openConnection().getInputStream();
	System.out.println( "Succeeded." );
	}
	catch( javax.net.ssl.SSLHandshakeException e )
	{
	System.out.println( "SSL exception." );
	}
	}
	}


	## run
	javac Get.java
	java Get https://selfsigned.my-domain.com