Hi Siamak, Please see my inline comments:
On 4/6/06, Siamak Haschemi <[EMAIL PROTECTED]> wrote: > Hello everybody. > > I successfully can use the security example. Within this example there > is the keystore which ist used. I start with the example and try to > generate my own keystore but I have no luck. Can somebody give me the > lines to write down the console to get a keystore simmilar to the > "sec.jks" in the "secUtil.jar" of the security example. You can use openssl and the java keytool to do this. Please see the following shell scripts: https://svn.apache.org/repos/asf/webservices/wss4j/trunk/keys/genCAKey.sh https://svn.apache.org/repos/asf/webservices/wss4j/trunk/keys/genKeystore.sh https://svn.apache.org/repos/asf/webservices/wss4j/trunk/keys/genCertRequest.sh https://svn.apache.org/repos/asf/webservices/wss4j/trunk/keys/signConvertImportCert.sh > > By the way I got a question on the security example: > > The keystore listing shows that there are two private/public keys in the > keystore and two signed and accepted certificates. Am I right? Yes > > > Keystore-Typ: jks > Keystore-Provider: SUN > > Ihr Keystore enthõlt 4 Eintrõge. > > alice, 04.06.2005, keyEntry, > Zertifikatsfingerabdruck (MD5): > 57:CE:81:F1:03:C4:2C:F7:5B:1A:DE:AC:43:64:0A:84 > root, 04.06.2005, trustedCertEntry, > Zertifikatsfingerabdruck (MD5): > 0C:0D:00:27:BF:4B:32:63:40:A8:B2:03:96:4B:58:14 > ca, 04.06.2005, trustedCertEntry, > Zertifikatsfingerabdruck (MD5): > CA:0A:6D:E3:A4:9F:E8:55:98:0A:F8:10:66:35:40:C6 > bob, 04.06.2005, keyEntry, > Zertifikatsfingerabdruck (MD5): > 89:3E:86:D2:4F:9C:E7:39:B6:71:8A:EF:00:C5:89:DC > > > The security example uses this keystore for both the client and the > server. My question now is how to produce two different keystores for > alice and bob each containing the private/public key and the certificate > (including the public key) of the other. something like this: These are the steps to create the keystores you want: 1.) generate two separate keystores with self signed keys $ keytool -genkey ... 2.) Export the certs of both private keys in the two keystores $ keytool -export 3.) Import the cert of one private key to the other keystore $ keytool -import > > Keystore for Alice: > - Private/Public Key of Alice > - Certificate of Bob > > Keystore for Bob: > - Private/Public Key of Bob > - Certificate of Alice > > > Does Axis2 works this such a scenario? Yes !! Thanks, Ruchith
