Showing posts with label Certificate. Show all posts
Showing posts with label Certificate. Show all posts

Wednesday, October 14, 2015

How to generate SSL Key, CSR and Self Signed Certificate using OpenSSL.

I have already discussed how to generate SSL certificate using keytool over here. In this article, I am going to explain how can you achieved the same thing using OpenSSL tool.
The three differnet files that I am going to generate i.e. :
  • waheedtechblog.key
  • waheedtechblog.csr
  • waheedtechblog.crt

Generate Private key : waheedtechblog.key

openssl genrsa -des3 -out waheedtechblog.key 1024

Generate a Certificate Signing Request (CSR)

Using above generated key file, We will now create the CSR file

openssl req -new -key waheedtechblog.key -out waheedtechblog.csr

Generate a Self-Signed SSL Certificate

openssl x509 -req -days 365 -in waheedtechblog.csr -signkey waheedtechblog.key -out waheedtechblog.crt

These file can be used to enable SSL in Apache Server.

Sometime, we need to remove passphrase to run key in Apache Server, if you get such issue while enabling SSL in Apache Server then run following command to remove passphrase :

openssl rsa -in waheedtechblog.key -out waheedtechblog_new.key

Your new file is key without encryption.

Thank you..!!!!

Friday, May 24, 2013

How to read certificates using CertificateFactory class

In my previous blog, I have explained how can you create self signed certificate using bouncy castle API and how to import it into keystore.

This tutorial will explain how to read existing certificate file using class.


 * Reads the certificate and import into Java keystore.
 * @author abdul
public class ReadCertificateFile {

     * @param args
     * @throws Exception
    public static void main(String[] args) throws Exception {

        ReadCertificateFile readCertificateFile = new ReadCertificateFile();

        // Path of the certificate file
        FileInputStream fis = new FileInputStream("YOUR_CERTIFICATE.cert");

         * Returns a CertificateFactory object of the specified certificate
         * type.
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
         * Read the certificate from the specified input stream, and returns it
         * as a Certificate object. It can read certificate in both binary (DER
         * encoded) and printable (RFC standard) formats.
         */ cert = cf.generateCertificate(fis);

        System.out.println("Certificate Details: ");
        /*Returns the type of this certificate factory*/
        System.out.println("Type = " + cert.getType());
        System.out.println("toString = " + cert.toString());

        PublicKey key = cert.getPublicKey();
        System.out.println("PublicKey Object Info: ");
        System.out.println("Algorithm = " + key.getAlgorithm());
        System.out.println("Format = " + key.getFormat());
        System.out.println("toString = " + key.toString());

        // save/import certificate into keystore

    private void saveCert(Certificate cert) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null, null);

        // import your certificate into keystore
        keyStore.setCertificateEntry("YOUR_ALIAS_NAME", cert);

        // name of keystore "
        File file = new File(".", "YOUR_KEYSTORE_NAME"); FileOutputStream(file),


How TOPT Works: Generating OTPs Without Internet Connection

Introduction Have you ever wondered how authentication apps like RSA Authenticator generate One-Time Passwords (OTPs) without requiring an i...