Testing TLS certificates


To test TLS encryption, create a Java keystore file for the certificate and private key pair. A self-signed certificate can be generated using the OpenSSL and keytool programs:

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365

Create a PKCS12 file using the above key/cert pair:

openssl pkcs12 -export -in ./cert.pem -inkey ./key.pem -certfile ./ca.pem -out lenses.p12

Once a key password is requested, use the same as in lenses.ssl.key.password

Finally, import the PKCS12 to the keystore.

keytool -importkeystore -srckeystore lenses.p12 -srcstoretype pkcs12 -destkeystore lenses.jks -deststoretype JKS

Once a keystore password is requested, use the same as in lenses.ssl.keystore.password

--
Last modified: March 20, 2024