You can use keytool to generate a new Java keystore file, create a certificate
signing request (CSR), and import the private key, public certificate pair, and signed
certificates into the keystore.
Avant de commencer
Role required: admin
Pourquoi et quand exécuter cette tâche
See the Java keytool documentation for more
information on generating keys and CSRs.
Enter these commands in a command line interface:
Procédure
-
Generate a Java keystore and key pair.
For example, this command creates a keystore called my.keystore and
generates a private key called mydomain within the keystore.
keytool -genkey -alias mydomain -keyalg RSA -keystore my.keystore
-
Generate a CSR for an existing Java keystore.
For example, this command generates a CSR called mydomain.csr or the
mydomain key.
keytool -certreq -alias mydomain -keystore my.keystore -file mydomain.csr
-
Import a root or intermediate certificate authority, or CA,
certificate to the Java keystore.
For example, this command imports the CA certificate for Thawte. This
command assumes that Thwate was the CA that signed the CSR.
keytool -import -trustcacerts -alias root -file Thawte.crt -keystore my.keystore
-
Import a signed primary certificate to the Java keystore.
For example, this command imports the signed certificate mydomain.crt into
the keystore.
keytool -import -trustcacerts -alias mydomain -file mydomain.crt -keystore my.keystore
-
Upload the certificate in the keystore file (my.keystore) to the
instance.