OpenSSL and Java import/export
#Keypair from EC2:
#Extract private key from keypair:
openssl rsa -in ./ssL-mess/ubuntu-1.pem -inform pem -noout -text
openssl rsa -in ./ssL-mess/ubuntu-1.pem -inform pem -out ./ssL-mess/ubuntu-1.der -outform der
#DER private key from private key:
openssl pkcs8 -topk8 -inform PEM -outform DER -in ./ssL-mess/ubuntu-1.pem -out ./ssL-mess/ubuntu-1-private.der -nocrypt
#DER public key from private key:
#(Not needed)
#openssl rsa -in ./ssL-mess/ubuntu-1.pem -inform pem -pubout -out ./ssL-mess/ubuntu-1-public.der -outform der
#Extract public key as self signed cert:
openssl req -new -x509 -key ./ssL-mess/ubuntu-1.pem -out ./ssL-mess/ubuntu-1-public-cert.crt
keytool -printcert -v -file ./ssL-mess/ubuntu-1-public-cert.crt
java -cp /jdk1.8.0/jre/lib/security ImportKey ./ssL-mess/ubuntu-1-private.der ./ssL-mess/ubuntu-1-public-cert.crt
keytool -list -v -keystore ~/keystore.ImportKey
Create self signed key pair and add to new key store:
keytool -genkey -alias mykey -keyalg RSA -keystore keystore.jks -keysize 2048
Export public key and import into new trust store:
keytool -keystore keystore.jks -export -alias mykey -file my.cer
keytool -import -alias mypub -file my.cer -keystore truststore.jks
(Alternate way) Manually import certificate from HTTPS server to trust store:
Firefox: Add Exception -> Get Certificat -> View -> Details -> Export as "a.der"
keytool -importcert -keystore truststore.jks -file a.der
