Wednesday Dec 18, 2013

Steps to create a csr ( certificate signing request ) using keytool and get it signed from an external CA ( Certificate Authority - Thawte )

How to create a csr ?

How to get a certificate signed from an external / third party CA ?

How to create a certificate chain ?

-----------

 Defaults for keytool command in Java 1.6 :

-alias "mykey"

-keyalg

    "DSA" (when using -genkeypair)

    "DES" (when using -genseckey)

-keysize

    1024 (when using -genkeypair)

    56 (when using -genseckey and -keyalg is "DES")

    168 (when using -genseckey and -keyalg is "DESede")

-validity 90

In generating a public/private key pair, the signature algorithm (-sigalg option) is derived from the algorithm of the underlying private key: If the underlying private key is of type "DSA", the -sigalg option defaults to "SHA1withDSA", and if the underlying private key is of type "RSA", -sigalg defaults to "MD5withRSA".

-------------------------------------------

Defaults for keytool command in Java 1.7 :

-alias "mykey"

-keyalg

    "DSA" (when using -genkeypair)

    "DES" (when using -genseckey)

-keysize

    2048 (when using -genkeypair and -keyalg is "RSA")

    1024 (when using -genkeypair and -keyalg is "DSA")

    256 (when using -genkeypair and -keyalg is "EC")

    56 (when using -genseckey and -keyalg is "DES")

    168 (when using -genseckey and -keyalg is "DESede")

-validity 90

If the underlying private key is of type "DSA", the -sigalg option defaults to "SHA1withDSA"

If the underlying private key is of type "RSA", the -sigalg option defaults to "SHA256withRSA".

If the underlying private key is of type "EC", the -sigalg option defaults to "SHA256withECDSA".

 -------------------------------------------- 

The chaining can be of 2 types :

root……………………….ow = xxx

……………………………..is= xxx

inter ……………………… ow= xxx

………………………………is= yyy

signedcert……………….. ow= yyy

……………………………… is= ppp

and

signedcert ……………… ow= ppp

…………………………….. is= yyy

inter……………………… ow= yyy

…………………………….. is= xxx

root………………………. ow= xxx

…………………………….. is= xxx

In this post we will see how to create a csr and get it signed from a third party CA like Thawte...

[Read More]
About

Oracle Fussion Middleware - WebLogic

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today