beautypg.com

Create a java security environment step by step, Create key store, Export x.509 root certificate – Siemens TC65 User Manual

Page 80: Create java security commands, 2 export x.509 root certificate, 3 create java security commands

background image

TC65 JAVA User's Guide
Strictly confidential / Released

s

TC65 JAVA User's Guide_V05

Page 80 of 90

26.09.2005

11.5

Create a Java Security Environment Step by Step

11.5.1

Create Key store

The key store contains the key pairs for signing data. For producing the key store with keys
the tool “keytool.exe” can be used.

The program is in the Java SDK. (for a description see

http://java.sun.com/j2se/1.3/docs/tooldocs/solaris/keytool.html

)


Example:

keytool -genkey -alias keyname -keypass keypassword -keystore customer.ks
-storepass keystorepassword -sigalg SHA1withRSA -keyalg RSA

11.5.2

Export X.509 Root Certificate

For exporting the x.509 root certificate use “keytool.exe”. The program is in the Java SDK.
(for description see

http://java.sun.com/j2se/1.3/docs/tooldocs/solaris/keytool.html

)

keytool -export -v -keystore customer.ks -storepass keystorepassword
-alias keyname > certificate.der

11.5.3

Create Java Security Commands

For producing the java security commands the tool “jseccmd.jar” can be used.
This program is in the folder “wkt\bin”.

Command: switch to java security mode (Set Customer Root Certificate)

java -jar jseccmd.jar -cmd SetRootCert -certfile customer.der
–imei 012345678901234 -alias keyname
-storepass keystorepassword -keypass keypassword
-keystore customer.ks > SetRootCert.bin


Command: switch to java normal mode (Del Customer Root Certificate)

java -jar jseccmd.jar -cmd DelRootCert
–imei 012345678901234 -alias keyname
-storepass keystorepassword -keypass keypassword
-keystore customer.ks > DelRootCert.bin


Command: switch on Certificate Verification for HTTPS Connections

java -jar jseccmd.jar -cmd HttpsVerifyOn
–imei 012345678901234 -alias keyname
-storepass keystorepassword -keypass keypassword
-keystore customer.ks > HttpsVerifyOn.bin


Command: switch off Certificate Verification for HTTPS Connections

java -jar jseccmd.jar -cmd HttpsVerifyOff
–imei 012345678901234 -alias keyname
-storepass keystorepassword -keypass keypassword
-keystore customer.ks > HttpsVerifyOff.bin