Generating a Self-Signed Certificate with "keytool"

This section provides a tutorial example on how to generate a self-signed certificate using the 'keytoo' command from JDK (Java Development Kit).

In order to learn how to use X.509 certificate tokens, we need to create a certificate first. The easiest way is to create a self-signed certificate using the "keytool" command provided in JDK (Java Development Kit).

Run the following command in a command window, assuming JDK is installed:

C:\herong>"\Program Files\java\jdk1.8.0\bin\keytool" -genkeypair 
   -keystore MyKeyStore.jks -alias MyCertificate

Enter keystore password: MyKeyStore
Re-enter new password: MyKeyStore
What is your first and last name?
  [Unknown]:  Herong
What is the name of your organizational unit?
  [Unknown]:  MyUnit
What is the name of your organization?
  [Unknown]:  MyOrg
What is the name of your City or Locality?
  [Unknown]:  MyCity
What is the name of your State or Province?
  [Unknown]:  MyState
What is the two-letter country code for this unit?
  [Unknown]:  UN
Is CN=Herong, OU=MyUnit, O=MyOrg, L=MyCity, ST=MyState, C=UN correct?
  [no]:  yes

Enter key password for <MyCertificate>
        (RETURN if same as keystore password): MyCertificate
Re-enter new password: MyCertificate

The above command did the following:

Run the following command to check the JKS file and its key store entries:

C:\herong>"\Program Files\java\jdk1.8.0\bin\keytool" -list 
   -keystore MyKeyStore.jks -storepass MyKeyStore

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 1 entry

mycertificate, Mar 1, 2014, PrivateKeyEntry,
Certificate fingerprint (SHA1): 
   4B:2E:99:91:12:4E:3A:D0:B4:BF:12:B4:44:74:A4:1D:02:70:2B:9D

The output confirms that the JKS file has a key store entry called "mycertificate".

Last update: 2014.

Table of Contents

 About This Book

 Introduction to Web Service

 Introduction to SOAP (Simple Object Access Protocol)

 SOAP Message Structure

 SOAP Message Transmission and Processing

 SOAP Data Model

 SOAP Encoding

 SOAP RPC Presentation

 SOAP Properties Model

 SOAP Message Exchange Patterns

 SOAP HTTP Binding

 SOAP Perl Implementations

 SOAP PHP Implementations

 SOAP Java Implementations

 Perl SOAP::Lite - SOAP Server-Client Communication Module

 Perl Socket Test Program for HTTP and SOAP

 Perl SOAP::Lite for GetSpeech SOAP 1.1 Web Service

 Perl SOAP::Lite 0.710 for SOAP 1.2 Web Services

 Perl SOAP::Lite 0.710 for WSDL

 PHP SOAP Extension Client Programs

 PHP SOAP Extension Server Programs

 Java Socket and HttpURLConnection for SOAP

 SAAJ - SOAP with Attachments API for Java

 SoapUI - SOAP Web Service Testing Tool

 WS-Security - SOAP Message Security Extension

WS-Security X.509 Certificate Token

 What Is WS-Security X.509 Certificate Token Profile?

 What Is XML Signature Syntax and Processing?

Generating a Self-Signed Certificate with "keytool"

 SoapUI Configuration for Messaging Signing

 Generating Digital Signature with SoapUI

 Validating ds:Signature with X.509 Certificate

 Digital Signature Options Supported in SoapUI

 What Is XML Encryption Syntax and Processing?

 SoapUI Configuration for Messaging Encryption

 "not an RSA key" - Encryption Failed in SoapUI

 Encryption using RSA Public Key with SoapUI

 2-Step Message Encryption - Symmetric and RSA

 Decrypting Encrypted SOAP Message

 Message Encryption Options Supported in SoapUI

 Web Services and SOAP Terminology

 References

 PDF Printing Version