A test for SSL/TLS certificates
This program tests SSL certificates and the like.
You can either use the truststore and serverkeystore files that came with the project or create new ones. To create new files (in bief) use the following commands:
openssl req -x509 -newkey rsa:2048 -keyout ca-key.pem.txt -out ca-certificate.pem.txt -days 365 -nodes
keytool -importcert -keystore truststore -file ca-certificate.pem.txt -alias ca -storepass whatever
keytool –keystore keystore –genkey –alias private -keyalg rsa -storepass whatever
keytool –keystore keystore -storepass whatever –certreq –alias private –file private.csr
openssl x509 -req -CA ca-certificate.pem.txt -CAkey ca-key.pem.txt -in private.csr -out private.cer -days 365 –CAcreateserial
keytool -importcert -keystore keystore -storepass whatever -file ca-certificate.pem.txt -alias ca
keytool -importcert -keystore keystore -storepass whatever -file private.cer -alias private
Compile the program with the following command (you must have maven installed):
mvn package
Run the server with the following
java -cp target\ssltest3-1.0-SNAPSHOT-jar-with-dependencies.jar SSLTest server
In another window, run the client with the following command
java -cp target\ssltest3-1.0-SNAPSHOT-jar-with-dependencies.jar SSLTest client
When the client gets a connection it should prompt you with a string like "localhost:6789> ". Type in something and it should be echoed back. Quit by entering "quit".
In a slightly more accessible format, here are the commands to create the truststore and keystore.
- Create the local CA self-signed certificate and private key
openssl req -x509 -newkey rsa:2048 -keyout ca-key.pem.txt -out ca-certificate.pem.txt -days 365 -nodes
- Create the truststore
keytool -importcert -keystore truststore -file ca-certificate.pem.txt -alias ca -storepass whatever
- Create the keystore
keytool –keystore keystore –genkey –alias private -keyalg rsa -storepass whatever
- Create a certificate signing request
keytool –keystore keystore -storepass whatever –certreq –alias private –file private.csr
- Sign the CSR with the local CA
openssl x509 -req -CA ca-certificate.pem.txt -CAkey ca-key.pem.txt -in private.csr -out private.cer -days 365 –CAcreateserial
- Import the local CA to the keystore
keytool -importcert -keystore keystore -storepass whatever -file ca-certificate.pem.txt -alias ca
- Import the singed certificate to the sever
keytool -importcert -keystore keystore -storepass whatever -file private.cer -alias private
Compile the program with the following command (you must have maven installed):
mvn package
Run the server with the following
java -cp target\ssltest3-1.0-SNAPSHOT-jar-with-dependencies.jar SSLTest server
In another window, run the client with the following command
java -cp target\ssltest3-1.0-SNAPSHOT-jar-with-dependencies.jar SSLTest client
When the client gets a connection it should prompt you with a string like "localhost:6789> ". Type in something and it should be echoed back. Quit by entering "quit".