Class KeyToolUtils

java.lang.Object
org.apache.jorphan.exec.KeyToolUtils

public class KeyToolUtils extends Object
Utilities for working with Java keytool
  • Field Details

    • ROOT_CACERT_CRT_PFX

      public static final String ROOT_CACERT_CRT_PFX
      See Also:
    • SUPPORTS_HOST_CERT

      public static final boolean SUPPORTS_HOST_CERT
      Does this class support generation of host certificates?
  • Method Details

    • genkeypair

      public static void genkeypair(File keystore, String alias, String password, int validity, String dname, String ext) throws IOException
      Generate a self-signed keypair using the algorithm "RSA". Requires Java 7 or later if the "ext" parameter is not null.
      Parameters:
      keystore - the keystore; if it already contains the alias the command will fail
      alias - the alias to use, not null
      password - the password to use for the store and the key
      validity - the validity period in days, greater than 0
      dname - the distinguished name value, if omitted use "cn=JMeter Proxy (DO NOT TRUST)"
      ext - if not null, the extension (-ext) to add (e.g. "bc:c"). This requires Java 7.
      Throws:
      IOException - if keytool was not configured or running keytool application fails
    • generateProxyCA

      public static void generateProxyCA(File keystore, String password, int validity) throws IOException
      Creates a self-signed Root CA certificate and an intermediate CA certificate (signed by the Root CA certificate) that can be used to sign server certificates. The Root CA certificate file is exported to the same directory as the keystore in formats suitable for Firefox/Chrome/IE (.crt) and Opera (.usr). Requires Java 7 or later.
      Parameters:
      keystore - the keystore in which to store everything
      password - the password for keystore and keys
      validity - the validity period in days, must be greater than 0
      Throws:
      IOException - if keytool was not configured, running keytool application failed or copying the keys failed
    • generateHostCert

      public static void generateHostCert(File keystore, String password, String host, int validity) throws IOException
      Create a host certificate signed with the CA certificate. Requires Java 7 or later.
      Parameters:
      keystore - the keystore to use
      password - the password to use for the keystore and keys
      host - the host, e.g. jmeter.apache.org or *.apache.org; also used as the alias
      validity - the validity period for the generated keypair
      Throws:
      IOException - if keytool was not configured or running keytool application failed
    • list

      public static String list(File keystore, String storePass) throws IOException
      List the contents of a keystore
      Parameters:
      keystore - the keystore file
      storePass - the keystore password
      Returns:
      the output from the command "keytool -list -v"
      Throws:
      IOException - if keytool was not configured or running keytool application failed
    • getCAaliases

      public static String[] getCAaliases()
      Returns a list of the CA aliases that should be in the keystore.
      Returns:
      the aliases that are used for the keystore
    • getRootCAalias

      public static String getRootCAalias()
      Get the root CA alias; needed to check the serial number and fingerprint
      Returns:
      the alias
    • haveKeytool

      public static boolean haveKeytool()
      Returns:
      flag whether KEYTOOL_PATH is configured (is not null)