TC65 JAVA User's Guide
Strictly confidential / Released
11.5
Create a Java Security Environment Step by Step
11.5.1
Create Key store
The key store contains the key pairs for signing data. For producing the key store with keys
the tool "keytool.exe" can be used.
The program is in the Java SDK. (for a description see
http://java.sun.com/j2se/1.3/docs/tooldocs/solaris/keytool.html)
Example:
keytool -genkey -alias keyname -keypass keypassword -keystore customer.ks
-storepass keystorepassword -sigalg SHA1withRSA -keyalg RSA
11.5.2
Export X.509 Root Certificate
For exporting the x.509 root certificate use "keytool.exe". The program is in the Java SDK.
(for description see http://java.sun.com/j2se/1.3/docs/tooldocs/solaris/keytool.html)
keytool -export -v -keystore customer.ks -storepass keystorepassword
-alias keyname > certificate.der
11.5.3
Create Java Security Commands
For producing the java security commands the tool "jseccmd.jar" can be used.
This program is in the folder "wkt\bin".
Command: switch to java security mode (Set Customer Root Certificate)
java -jar jseccmd.jar -cmd SetRootCert -certfile customer.der
Command: switch to java normal mode (Del Customer Root Certificate)
java -jar jseccmd.jar -cmd DelRootCert
Command: switch on Certificate Verification for HTTPS Connections
java -jar jseccmd.jar -cmd HttpsVerifyOn
Command: switch off Certificate Verification for HTTPS Connections
java -jar jseccmd.jar -cmd HttpsVerifyOff
TC65 JAVA User's Guide_V05
–imei 012345678901234 -alias keyname
-storepass keystorepassword -keypass keypassword
-keystore customer.ks > SetRootCert.bin
–imei 012345678901234 -alias keyname
-storepass keystorepassword -keypass keypassword
-keystore customer.ks > DelRootCert.bin
–imei 012345678901234 -alias keyname
-storepass keystorepassword -keypass keypassword
-keystore customer.ks > HttpsVerifyOn.bin
–imei 012345678901234 -alias keyname
-storepass keystorepassword -keypass keypassword
-keystore customer.ks > HttpsVerifyOff.bin
Page 80 of 90
s
26.09.2005