Sunday, October 14, 2012

Steps to generate public priavet key pair

There are three steps to generate private - publik key pair using java keytool.

1) Generate private key

Following is the command to generate private key
keytool -genkey -keystore myPrivateKey.store -alias myPrivateKey -validity 3650

When  you execute this command, you will have to give some inputs and shown follows:
>    keytool -genkey -keystore myPrivateKey.store -alias myPrivateKey -validity 3650
Enter keystore password:abc123
Re-enter new password:abc123
What is your first and last name?
  [Unknown]:  Master Triumph
What is the name of your organizational unit?
  [Unknown]:  Research
What is the name of your organization?
  [Unknown]:  MyOrganization
What is the name of your City or Locality?
  [Unknown]:  Mumbai
What is the name of your State or Province?
  [Unknown]:  Maharstra
What is the two-letter country code for this unit?
  [Unknown]:  IN
Is CN=Master Triumph, OU=Research, O=MyOrganization, L=Mumbai, ST=Maharstra, C=IN correct?
  [no]:  yes

Enter key password for <myPrivateKey>
        (RETURN if same as keystore password):xyz123
       
Here abc123 is password of keystore (in which private key generated is stored) and xyz123 is the password of the private key generated with alias myPrivateKey.
Validity of this key is of 10 years (3650 days)

       

2) Export private key to Certificate:

To generate coresponding public key from the private key you have to first export private key to the certificate.
keytool -export -keystore myPrivateKey.store -alias myPrivateKey -file myCertificate.cer
When  you execute this command, you will have to give key store password and you will see the message as follows:
>keytool -export -keystore myPrivateKey.store -alias myPrivateKey -file myCertificate.cer
Enter keystore password:abc123
Certificate stored in file <myCertificate.cer>

3) Import public key from the certificate:

After certificate is generated, you can import public key from thwt certificate. Following is the command to import publik key
keytool -import -keystore myPublic.store -alias myPublicKey -file myCertific
 
When  you execute this command, you will have to give key store password for public key store and you will see the information as follows:
>keytool -import -keystore myPublic.store -alias myPublicKey -file myCertific
ate.cer -validity 3650
Enter keystore password:
Re-enter new password:
Owner: CN=Master Triumph, OU=Research, O=MyOrganization, L=Mumbai, ST=Maharastra, C=IN
Issuer: CN=Master Triumph, OU=Research, O=MyOrganization, L=Mumbai, ST=Maharastra, C=IN
Serial number: 507ad1ba
Valid from: Sun Oct 14 20:22:42 IST 2012 until: Wed Oct 12 20:22:42 IST 2022
Certificate fingerprints:
         MD5:  B3:49:00:A4:7D:84:99:9D:B9:98:95:7B:B4:5C:49:C8
         SHA1: 65:D4:17:0E:31:1A:29:80:8D:8E:FC:25:50:93:18:E8:DF:C8:85:84
         Signature algorithm name: SHA1withDSA
         Version: 3
Trust this certificate? [no]:  yes
Certificate was added to keystore

Now you have both private key and publik key. You can share your public key to whome you want to communicate. Don't share private key to any one. Now you can delete certificate file.

No comments:

Post a Comment

Post a Comment