beautypg.com

5 create a java security environment step by step, 1 create key store, 2 export x.509 root certificate – Siemens XT65 User Manual

Page 110: 3 create java security commands, Section, Section 12.5.3

background image

Java User’s Guide

12.5 Create a Java Security Environment Step by Step

112

s

wm_java_usersguide_v12

Page 110 of 123

2008-02-25

Confidential / Released

12.5

Create a Java Security Environment Step by Step

12.5.1

Create Key Store

The key store contains the key pairs for signing data. For producing the key store with keys the
tool “keytool.exe” can be used. The program is in the Java SDK. (for a description see

http://

java.sun.com/j2se/1.3/docs/tooldocs/solaris/keytool.html

).

Example:

If you want to re-use the key store created in

Section 12.1.1

you have to use the alias and pass-

words used there.

12.5.2

Export X.509 Root Certificate

For exporting the x.509 root certificate use “keytool.exe”. The program is in the Java SDK. (for
description see

http://java.sun.com/j2se/1.3/docs/tooldocs/solaris/keytool.html

)

12.5.3

Create Java Security Commands

For producing the java security commands the tool “jseccmd.jar” can be used. This program is
in the folder “wkt\bin”.

Command for inserting the Customer Root Certificate

- In consequence of the command

Java security mode: ON (untrusted domain OFF)
HTTPS certificate verification: OFF
MES state: ON

Command for removing the Customer Root Certificate

- In consequence of the command all switches are reset

Java security mode: OFF (untrusted domain OFF)
HTTPS certificate verification: OFF
MES state: ON

keytool -genkey -alias keyname -keypass keypassword -keystore customer.ks

-storepass keystorepassword -sigalg SHA1withRSA -keyalg RSA

keytool -export -v -keystore customer.ks -storepass keystorepassword

-alias keyname > certificate.der

java -jar jseccmd.jar -cmd SetRootCert

-certfile certificate.der

-imei 012345678901234 -alias keyname

-storepass keystorepassword -keypass keypassword

-keystore customer.ks > SetRootCert.bin

java -jar jseccmd.jar -cmd DelRootCert

-imei 012345678901234 -alias keyname

-storepass keystorepassword -keypass keypassword

-keystore customer.ks > DelRootCert.bin

This manual is related to the following products: