beautypg.com

Siemens XT65 User Manual

Page 101

background image

Java User’s Guide

12.1 Secure Data Transfer

112

s

wm_java_usersguide_v12

Page 101 of 123

2008-02-25

Confidential / Released

1. Create CA and generate CA Root Certificate

- We need certificates with sha1 signature. Java Security supports a sha1 signature of the

certificate only.
Add the parameter "-sha1" to the command "Making CA certificate ..." in the section of
file CA.pl (cygwin location \cygwin\usr\ssl\misc”)

- Create a shell (use location \cygwin\usr\ssl\misc)
- Execute commands

- Convert file format from PEM to DER

CA certificate cacert.pem

CA private key file cakey.pem

2. Create server certificate and java keystore

- Execute command

The field “name” of the certificate is the domain name or the IP address of the server.

3. Create certificate request for server certificate

- Execute command

4. Sign certificate request by CA

- Execute command

- Convert file format from PEM to DER

>perl CA.pl –newca

>openssl x509 -in ./demoCA/cacert.pem -inform PEM

-out ./demoCA/cacert.der -outform DER

>openssl pkcs8 -in ./demoCA/private/cakey.pem

-inform PEM -out ./demoCA/private/cakey.der

-outform DER -nocrypt -topk8

>keytool -genkey -alias server

-keypass keypass -keystore customer.ks -storepass keystorepass

-sigalg SHA1withRSA -keyalg RSA

>keytool -certreq -alias server -file server.csr

-keypass keypass -keystore customer.ks

-storepass keystorepass

>openssl ca -in server.csr -out server.pem

>openssl x509 -in server.pem -inform PEM

-out server.der -outform DER

This manual is related to the following products: