- SSL (Secure Socket Layer) is a protocol to encrypt information.
- HTTPS is nothing but HTTP + SSL. HTTPS ensures that the information being transferred over HTTP is secured from theft.
- SSL Certificate contains Public Key + Identity information of the website/company which is verified by the Certification authority (visit Reference #3, #4 if you don't understand this).
- TrustStore: file that contains the server certificates that are required by JVM for accepting SSL connections with trusted servers (simply: to trust outbound connections).
- KeyStore: file that contains client certificates that are required by JVM for establishing an SSL connection with a server that requires client certificate authentication.
Note: Technically, there is no difference between TrustStore & KeyStore. They both are essentially used for storing SSL Certificates.
JVM comes with a Certificate Store called 'cacerts'.
It resides in "\jre\lib\security\cacerts". 'cacerts' is JVM's default TrustStore as well as default KeyStore.
=========
keytool -import -alias ca -file somecert.cer -keystore cacerts –storepass changeit
Trust this certificate: [Yes]
=========
echo "" | openssl s_client -connect my.server.com:443 -showcerts 2>/dev/null | openssl x509 -out certfile.txt
=========
fuentes:
http://javarushi.blogspot.mx/2012/07/consuming-secure-web-services-or-web.html
No hay comentarios.:
Publicar un comentario