I am having a .crt file and I wanted to import to keystore and truststore using java(first create keystore and truststore then import).
Below is the code that I am using:
import org.glassfish.tyrus.client.ClientManager;
import org.glassfish.tyrus.client.ClientProperties;
import org.glassfish.tyrus.client.SslContextConfigurator;
import org.glassfish.tyrus.client.SslEngineConfigurator;
@ClientEndpoint
public class test {
private static CountDownLatch latch;
private Logger logger = Logger.getLogger(this.getClass().getName());
@OnOpen
public void onOpen(Session session) {
logger.info("Connected ... " + session.getId());
try {
session.getBasicRemote().sendText("start");
} catch (IOException e) {
throw new RuntimeException(e);
}
}
@OnMessage
public String onMessage(String message, Session session) {
BufferedReader bufferRead = new BufferedReader(new InputStreamReader(System.in));
try {
logger.info("Received ...." + message);
String userInput = bufferRead.readLine();
return userInput;
} catch (IOException e) {
throw new RuntimeException(e);
}
}
@OnClose
public void onClose(Session session, CloseReason closeReason) {
logger.info(String.format("Session %s close because of %s", session.getId(), closeReason));
}
public static void main(String[] args) {
latch = new CountDownLatch(1);
ClientManager client = ClientManager.createClient();
try {
client.connectToServer(test.class, new URI("wss://x.x.x.x:8085"));
latch.await();
} catch (Exception e) {
throw new RuntimeException(e);
}
}
}
I am using tyrus websocket client so, I need to add the following property:
final ClientManager client = ClientManager.createClient();
System.getProperties().put("javax.net.debug", "all");
System.getProperties().put(SSLContextConfigurator.KEY_STORE_FILE, "...");
System.getProperties().put(SSLContextConfigurator.TRUST_STORE_FILE, "...");
System.getProperties().put(SSLContextConfigurator.KEY_STORE_PASSWORD, "...");
System.getProperties().put(SSLContextConfigurator.TRUST_STORE_PASSWORD, "...");
final SSLContextConfigurator defaultConfig = new SSLContextConfigurator();
defaultConfig.retrieve(System.getProperties());
// or setup SSLContextConfigurator using its API.
SSLEngineConfigurator sslEngineConfigurator =
new SSLEngineConfigurator(defaultConfig, true, false, false);
client.getProperties().put(ClientProperties.SSL_ENGINE_CONFIGURATOR,
sslEngineConfigurator);
client.connectToServer(... , ClientEndpointConfig.Builder.create().build(),
new URI("wss://localhost:8181/sample-echo/echo"));
}
So, how can I create keystore and truststore and import .crt into it.
I solved the above problem by directly importing the .crt file to java keystore:
For importing into java keystore
keytool -trustcacerts -keystore "/jdk/jre/lib/security/cacerts" -storepass changeit -importcert -alias testalias -file "/opt/ssl/test.crt"
By using above command the server certificate will be validated and connection will be achieved but if you want to create new keystore and import .crt to it means use the below command it will create the keystore of type .jks.
For creating keystore and import .crt
keytool -import -alias testalias -file test.crt -keypass keypass -keystore test.jks -storepass test@123
here
keystore password : test@123
keypass : keypass
As some code will validate and if you are using wss/https it will ask for keystore/truststore configuration then you can use above configuration mentioned in step2(creating keystore and import .crt). Otherwise step1 (importing into java keystore) is enough.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With