Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [keystore]

39 questions
37
votes
3 answers

Import of PEM certificate chain and key to Java Keystore

There are plenty of resources out there about this topic, but none I found which covers this slightly special case. I have 4 files; privatekey.pem certificate.pem intermediate_rapidssl.pem ca_geotrust_global.pem And I wish to import them into a…
Trollbane
  • 473
  • 1
  • 5
  • 4
14
votes
1 answer

Copy a Java keystore on one machine to another?

I have a keystore on one machine (at /root/.keystore) and I want to move it to another machine at the same location. Currently, the second machine doesn't have a keystore at /root/.keystore, is there a way I can export then create/import? Or do I…
Brandon
  • 247
  • 1
  • 2
  • 6
9
votes
3 answers

Is there anywhere that I can get a valid , signed, SSL cert to the "localhost" domain for testing?

Is there anywhere that I can get a valid , signed, SSL cert to the "localhost" domain for testing? Does anyone anywhere offer a download of something like this that I can use in testing? I know how to use openssl to sign a key with a CA, but…
djangofan
  • 4,182
  • 10
  • 46
  • 59
6
votes
1 answer

How do I secure the access token, on Linux, to remote, automated secrets stores like Hashicorp Vault?

There seems to be a bit of a "chicken and egg" problem with the passwords to the password managers like Hashicorp Vault for Linux. While researching this for some Linux servers, someone clever asked, "If we're storing all of our secrets in a…
Nathan Basanese
  • 341
  • 2
  • 5
  • 19
3
votes
1 answer

What Does "L1K" indicate on an Entrust Certificate

I was working with a teammate importing certificates into a java keystore and I noticed our intermediate certificate had the ".L1K" notation, was then about to import into our Java application's keystore and saw there was another 'entrustl1k'…
Flux
  • 33
  • 1
  • 4
3
votes
0 answers

Creating SSL certificate signed by a self-signed CA certificate in Jetty

I'm trying to configure a jetty-distribution-9.3.1.v20150714 backend running on Java 1.8.0_45-b14 with a certificate signed by a self-signed CA certificate, for SSL pinning. Following Apple's guide, I created a self signed CA certificate, then…
Kof
  • 143
  • 1
  • 4
3
votes
1 answer

java keystore can't validate URL

With the same url, this ends up giving a verify return code 20 (unable to get local issuer of certificate): openssl s_client -connect $URL:443 -showcerts -CAfile /etc/ssl/certs/java/cacerts This gives a verify return code of 0: openssl s_client…
ben w
  • 131
  • 1
  • 6
3
votes
2 answers

Access keystore on Sun ONE Webserver 6.1 for 2048 bit key length SSL

We want to get 2048 bit key length CSR requests. The browser based GUI provides us with a 1024 bit CSR and I don't know how to change that. It seems that 1024 bit key lengths will no longer supported by SSL companies. (Lower cost options only…
700 Software
  • 2,233
  • 10
  • 49
  • 77
2
votes
0 answers

Setup keystore and truststore in elastic beanstalk

Im new to AWS, mutual authentication. However I have not setup elastic bean stalk. I am working with a payment API. The organization that has setup the API requires a keystore and trust store to be setup I have signed up my for AWS and simply setup…
Brian Hawi
  • 21
  • 3
2
votes
1 answer

How do I properly generate a keystore for ssl?

I'm trying to get an ssl certificate from godaddy for use with jetty. These are my steps: keytool -keystore keystore -alias jetty -genkey -keyalg RSA -keysize 2048 What is your first and last name?: example.com What is the name of your…
user211262
  • 21
  • 1
  • 2
2
votes
1 answer

How can I persist certificates in Java's cacerts?

We need to have a certificate in Java's cacerts keystore for one of our servers that is authenticated by LDAP. We are using Ubuntu server. We have successfully done this by updating the cacerts file in…
Alan Spark
  • 143
  • 7
1
vote
1 answer

Creating an SSL keystore for bitbucket server

I'm getting quite frustrated trying to setup https access to our bitbucket server. Following bitbuckets documentation isn't that helpful. So far I have the executed the following commands Firtly, I created a certificate signing request and sent…
ScaryAardvark
  • 209
  • 1
  • 4
  • 13
1
vote
1 answer

If I'm redirecting port 80 to 443 with ssl set up in nginx and proxy to my application on port 5000 do I still need to set up Spring boot to use SSL?

Sorry if this should go into stackoverflow or security, it's kind of a middle of the road question. I have nginx on an elastic beanstalk instance which is set to redirect 80 to 443 and is proxying 443 traffic to port 5000 which my Spring Boot app…
LiamRyan
  • 135
  • 1
  • 6
1
vote
0 answers

JMX: How to select one Key of a Java-Keystore

To enable SSL at different JVM instances and also for other security related purposes I use different Java keystores at different hosts. Until now I put each key into one keystore. For security and maintenance reasons as well and also to use more…
shylynx
  • 191
  • 1
  • 1
  • 7
1
vote
4 answers

Using SSH keys from backup on another machine to access server

I created a server, and configured SSH to not allow root login and disable password access, so only accepts an SSH key to login. I have a machine A with a key, and I can access my server from that machine without any problems. Also have a backup of…
Pablo Pazos
  • 113
  • 1
  • 5
1
2 3