Certificados TLS: Difference between revisions
No edit summary |
|||
| Line 4: | Line 4: | ||
== Importando um Certificado == | == Importando um Certificado == | ||
Download do certificado | |||
openssl s_client -connect <HOST:PORT> </dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > <NOME_DO-ARQUIVO.cer> | openssl s_client -connect <HOST:PORT> </dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > <NOME_DO-ARQUIVO.cer> | ||
Importando via ikeycmd | |||
ikeycmd -cert -add -db "key.jks" \-file "NOME_DO-ARQUIVO.cer" -pw <PASSWORD> -label <LABEL_CERTIFICADO> > /dev/null | ikeycmd -cert -add -db "key.jks" \-file "NOME_DO-ARQUIVO.cer" -pw <PASSWORD> -label <LABEL_CERTIFICADO> > /dev/null | ||
| Line 14: | Line 14: | ||
= iKeyCmd Cheat Sheet = | = iKeyCmd Cheat Sheet = | ||
List certificates | |||
ikeycmd -cert -list personal -db "key.kdb" -pw changeit | ikeycmd -cert -list personal -db "key.kdb" -pw changeit | ||
| Line 20: | Line 20: | ||
ikeycmd -cert -list ca -db "key.kdb" -pw changeit | ikeycmd -cert -list ca -db "key.kdb" -pw changeit | ||
Add a client certificate to keystore | |||
ikeycmd -cert -add -db "key.kdb" -label ibmwebspheremqclient01 -file ibmwebspheremqclient01.crt -format ascii -pw changeit | ikeycmd -cert -add -db "key.kdb" -label ibmwebspheremqclient01 -file ibmwebspheremqclient01.crt -format ascii -pw changeit | ||
Remove certificate from keystore (using stashed password) | |||
ikeycmd -cert -delete -label ibmwebspheremqclient01 -db "key.kdb" -stashed | ikeycmd -cert -delete -label ibmwebspheremqclient01 -db "key.kdb" -stashed | ||
Set default certificate | |||
ikeycmd -cert -setdefault -db key.kdb -label "mydefaultcertificate" -pw changeit | ikeycmd -cert -setdefault -db key.kdb -label "mydefaultcertificate" -pw changeit | ||
Revision as of 12:26, 29 September 2022
OpenSSL Cheat Sheet
Importando um Certificado
Download do certificado
openssl s_client -connect <HOST:PORT> </dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > <NOME_DO-ARQUIVO.cer>
Importando via ikeycmd
ikeycmd -cert -add -db "key.jks" \-file "NOME_DO-ARQUIVO.cer" -pw <PASSWORD> -label <LABEL_CERTIFICADO> > /dev/null
iKeyCmd Cheat Sheet
List certificates
ikeycmd -cert -list personal -db "key.kdb" -pw changeit ikeycmd -cert -list ca -db "key.kdb" -pw changeit
Add a client certificate to keystore
ikeycmd -cert -add -db "key.kdb" -label ibmwebspheremqclient01 -file ibmwebspheremqclient01.crt -format ascii -pw changeit
Remove certificate from keystore (using stashed password)
ikeycmd -cert -delete -label ibmwebspheremqclient01 -db "key.kdb" -stashed
Set default certificate
ikeycmd -cert -setdefault -db key.kdb -label "mydefaultcertificate" -pw changeit