wiki:ESGFNodeInstallation/GeneratingCertsFromTruststore

Version 5 (modified by terryk, 7 years ago) (diff)

--

Generating Certs From Truststore

List entrys in truststore:

$ keytool -v -list -keystore truststore.ts -storepass password

Select the alias that can be exported to the Internet RFC 1421 standard. The option '-exportcert' reads (from the truststore) the certificate associated with alias, and stores it in the file outFile.

keytool -exportcert -alias entryAlias -file outFile -keystore truststore.ts -rfc -storepass password

Find out the hash of the cert. Options:

  • -subject_hash: print subject hash value
  • -subject_hash_old: print old-style (MD5) subject hash value
  • -issuer_hash: print issuer hash value
  • -issuer_hash_old: print old-style (MD5) issuer hash value
$ openssl x509 -subject_hash_old -noout -in cert