Package org.apache.jorphan.exec
Class KeyToolUtils
- java.lang.Object
-
- org.apache.jorphan.exec.KeyToolUtils
-
public class KeyToolUtils extends Object
Utilities for working with Java keytool
-
-
Field Summary
Fields Modifier and Type Field Description static String
ROOT_CACERT_CRT_PFX
static boolean
SUPPORTS_HOST_CERT
Does this class support generation of host certificates?
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static void
generateHostCert(File keystore, String password, String host, int validity)
Create a host certificate signed with the CA certificate.static void
generateProxyCA(File keystore, String password, int validity)
Creates a self-signed Root CA certificate and an intermediate CA certificate (signed by the Root CA certificate) that can be used to sign server certificates.static void
genkeypair(File keystore, String alias, String password, int validity, String dname, String ext)
Generate a self-signed keypair using the algorithm "RSA".static String[]
getCAaliases()
Returns a list of the CA aliases that should be in the keystore.static String
getRootCAalias()
Get the root CA alias; needed to check the serial number and fingerprintstatic boolean
haveKeytool()
static String
list(File keystore, String storePass)
List the contents of a keystore
-
-
-
Field Detail
-
ROOT_CACERT_CRT_PFX
public static final String ROOT_CACERT_CRT_PFX
- See Also:
- Constant Field Values
-
SUPPORTS_HOST_CERT
public static final boolean SUPPORTS_HOST_CERT
Does this class support generation of host certificates?
-
-
Method Detail
-
genkeypair
public static void genkeypair(File keystore, String alias, String password, int validity, String dname, String ext) throws IOException
Generate a self-signed keypair using the algorithm "RSA". Requires Java 7 or later if the "ext" parameter is not null.- Parameters:
keystore
- the keystore; if it already contains the alias the command will failalias
- the alias to use, not nullpassword
- the password to use for the store and the keyvalidity
- the validity period in days, greater than 0dname
- the distinguished name value, if omitted use "cn=JMeter Proxy (DO NOT TRUST)"ext
- if not null, the extension (-ext) to add (e.g. "bc:c"). This requires Java 7.- Throws:
IOException
- if keytool was not configured or running keytool application fails
-
generateProxyCA
public static void generateProxyCA(File keystore, String password, int validity) throws IOException
Creates a self-signed Root CA certificate and an intermediate CA certificate (signed by the Root CA certificate) that can be used to sign server certificates. The Root CA certificate file is exported to the same directory as the keystore in formats suitable for Firefox/Chrome/IE (.crt) and Opera (.usr). Requires Java 7 or later.- Parameters:
keystore
- the keystore in which to store everythingpassword
- the password for keystore and keysvalidity
- the validity period in days, must be greater than 0- Throws:
IOException
- if keytool was not configured, running keytool application failed or copying the keys failed
-
generateHostCert
public static void generateHostCert(File keystore, String password, String host, int validity) throws IOException
Create a host certificate signed with the CA certificate. Requires Java 7 or later.- Parameters:
keystore
- the keystore to usepassword
- the password to use for the keystore and keyshost
- the host, e.g. jmeter.apache.org or *.apache.org; also used as the aliasvalidity
- the validity period for the generated keypair- Throws:
IOException
- if keytool was not configured or running keytool application failed
-
list
public static String list(File keystore, String storePass) throws IOException
List the contents of a keystore- Parameters:
keystore
- the keystore filestorePass
- the keystore password- Returns:
- the output from the command "keytool -list -v"
- Throws:
IOException
- if keytool was not configured or running keytool application failed
-
getCAaliases
public static String[] getCAaliases()
Returns a list of the CA aliases that should be in the keystore.- Returns:
- the aliases that are used for the keystore
-
getRootCAalias
public static String getRootCAalias()
Get the root CA alias; needed to check the serial number and fingerprint- Returns:
- the alias
-
haveKeytool
public static boolean haveKeytool()
- Returns:
- flag whether
KEYTOOL_PATH
is configured (is notnull
)
-
-