-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathhow_to_ssl_for_rmi
28 lines (15 loc) · 995 Bytes
/
how_to_ssl_for_rmi
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
STEPS:
1. Generate keys and certificate for the server.
2. Import the server's certificate into the client's truststore.
3. Generate keys and certificate for the client.
4. Import the client's certificate into the server's truststore -> callbacks.
5. Import the client's certificate into the client's truststore -> direct communication between clients.
EXAMPLE:
# Generates server's keystore with public/private keys
keytool -genkeypair -alias javagramkeys -keyalg RSA -validity 365 -keystore javagram_keystore.ks
# Verifies that the keystore has been successfully created
keytool -list -v -keystore javagram_keystore.ks
# Exports a certificate file from the keystore
keytool -export -alias javagramkeys -keystore javagram_keystore.ks -rfc -file javagram_certificate.cer
# Imports the certificate into a truststore -> the client's truststore must trust the server's keystore
keytool -import -alias javagramcertificate -file javagram_certificate.cer -keystore javagram_truststore.ks