Menu
I am using a Tomcat that is SSL enabled, using truststores for client authentication.
I have two .jks trustore files.
The first, I use it for the PROD environment and the other for the TEST environment client certificates.
I deploy the web application, on a Tomcat and until now i was setting one of the above files in the configuration (according to the environment).
Is it possible i can merge those files into one .jks truststore that will accept client certificates both for PROD and TEST environments?
I need to mention that i have the passwords for both truststores.
Thanks!
402
To merge two Keystore/Truststore files using Java Keytool, use the option "-importKeystore" to merge two Keystore/TrustStore files.
The command "importkeystore" is used to import an entire keystore into another keystore, which means all entries from the source keystore, including keys and certificates, are all imported to the destination keystore within a single command. You can use this command to import entries from a different type of keystore.
The Java KeyStore (JKS) system is provided as part of your Java installation. Private keys and certificates for your server are stored in a keystore file. The JKS system supports both PKCS #12 .
You can use the -importkeystore option of keytool to import an entry from one keystore/truststore to another:
keytool -importkeystore -srckeystore test.jks -destkeystore common.jks -srcalias myRootCA -destalias myRootCA_TEST -srcstorepass **** -deststorepass ****
keytool -importkeystore -srckeystore prod.jks -destkeystore common.jks -srcalias myRootCA -destalias myRootCA_PROD -srcstorepass **** -deststorepass ****
The common.jks will then contain both CA to validate the client certificates. However, the application may also need to be reconfigured.
193
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
