Is there a way to make a self-signed client certificate with keytool...

hi,

It is possible to make a self-signed client certificate with keytool and i am successfully using in my dummy application.

The first thing you need to do is create a keystore and generate the key pair. You could use a command such as the following:

keytool -genkey -dname "cn=Mark Jones, ou=JavaSoft, o=Sun, c=US"

-alias business -keypass kpi135 -keystore C:\working\mykeystore

-storepass ab987c -validity 180

(Please note: This must be typed as a single line. Multiple lines are used in the examples just for legibility purposes.)

This command creates the keystore named "mykeystore" in the "working" directory on the C drive (assuming it doesn't already exist), and assigns it the password "ab987c". It generates a public/private key pair for the entity whose "distinguished name" has a common name of "Mark Jones", organizational unit of "JavaSoft", organization of "Sun" and two-letter country code of "US". It uses the default "DSA" key generation algorithm to create the keys, both 1024 bits long.

It creates a self-signed certificate (using the default "SHA1withDSA" signature algorithm) that includes the public key and the distinguished name information. This certificate will be valid for 180 days, and is associated with the private key in a keystore entry referred to by the alias "business". The private key is assigned the password "kpi135".

Also please go through the http://java.sun.com/j2se/1.3/docs/tooldocs/win32/keytool.html

This would help u better.

bye,

Arun

virtuallyreala at 2007-7-13 20:46:27 >