certificate problem

[gk]

Hi, i am reading JSSE tutorial.

in the tutorial i find the following code snippet which i dont
understand. will you please help me to understand it ? wll you please
answer my questions ?


here is the code




Creating a New Key Pair and Self-Signed Certificate Using keytool
=================================================

keytool -genkey -alias alias -keystore .keystore

Enter keystore password: password
What is your first and last name?
[Unknown]: Duke
What is the name of your organizational unit?
[Unknown]: JavaSoft
What is the name of your organization?
[Unknown]: Sun
What is the name of your City or Locality?
[Unknown]: Cupertino
What is the name of your State or Province?
[Unknown]: CA
What is the two-letter country code for this unit?
[Unknown]: US
Is <CN=Duke, OU=JavaSoft, O=Sun, L=Cupertino, ST=CA, C=US> correct?
[no]: yes






i am getting difficulty to understand this code. here are my questions
as follows...


Question 1 :

does this code creating a file ? a certificate file ? where does it
gets stored ?
confused ..... what it is doing ?



Question 2 :

it says "Creating a New Key Pair and Self-Signed Certificate Using
keytool".....i want to see the created certificated......it must be
stored somewhere in my harddisk.....correct ? where do i get this file
? whats the name of the certificate ? please tell me the name of the
certificate, so that i can search my hard disk and want to find that
file and want to see that file.


Question 3 : they say "Creating a New Key Pair and Self-Signed
Certificate Using keytool".....what does it mean by "Key Pair and
Self-Signed Certificate"......does it mean this program creates two
keys e.g in this example "alias" and ".keystore".....is it correct ?

and what about this "Self-Signed Certificate"....i dont see any created
certificate.

 

[IchBin]

Hi, i am reading JSSE tutorial.

in the tutorial i find the following code snippet which i dont
understand. will you please help me to understand it ? wll you please
answer my questions ?


here is the code




Creating a New Key Pair and Self-Signed Certificate Using keytool
=================================================

keytool -genkey -alias alias -keystore .keystore

Enter keystore password: password
What is your first and last name?
[Unknown]: Duke
What is the name of your organizational unit?
[Unknown]: JavaSoft
What is the name of your organization?
[Unknown]: Sun
What is the name of your City or Locality?
[Unknown]: Cupertino
What is the name of your State or Province?
[Unknown]: CA
What is the two-letter country code for this unit?
[Unknown]: US
Is <CN=Duke, OU=JavaSoft, O=Sun, L=Cupertino, ST=CA, C=US> correct?
[no]: yes






i am getting difficulty to understand this code. here are my questions
as follows...


Question 1 :

does this code creating a file ? a certificate file ? where does it
gets stored ?
confused ..... what it is doing ?



Question 2 :

it says "Creating a New Key Pair and Self-Signed Certificate Using
keytool".....i want to see the created certificated......it must be
stored somewhere in my harddisk.....correct ? where do i get this file
? whats the name of the certificate ? please tell me the name of the
certificate, so that i can search my hard disk and want to find that
file and want to see that file.


Question 3 : they say "Creating a New Key Pair and Self-Signed
Certificate Using keytool".....what does it mean by "Key Pair and
Self-Signed Certificate"......does it mean this program creates two
keys e.g in this example "alias" and ".keystore".....is it correct ?

and what about this "Self-Signed Certificate"....i dont see any created
certificate.

The example you are showing looks like it is from "The Java Developers
Almanac 1.4". http://javaalmanac.com/egs/java.security.cert/CreateCert.html

Take a peek at this page... Follow link for keytool
http://java.sun.com/j2se/1.5.0/docs/tooldocs/#security

Thanks in Advance...
IchBin, Pocono Lake, Pa, USA
http://weconsultants.servebeer.com/JHackerAppManager
__________________________________________________________________________

'If there is one, Knowledge is the "Fountain of Youth"'
-William E. Taylor, Regular Guy (1952-)

 

[Roedy Green]

see http://mindprod.com/jgloss/keytoolexe.html
http://mindprod.com/jgloss/certificate.html
http://mindprod.com/jgloss/keystore.html

and chase links.

 

[gk]

you have provided a link

comments from your link says:
=================================

Tool Name Brief Description Links to Reference Pages
keytool Manage keystores and certificates.
jarsigner Generate and verify JAR signatures.
policytool GUI tool for managing policy files.


These security tools help you obtain, list, and manage Kerberos
tickets.






do you understand anything out of it ?

i dont get it yet.

i have asked few specific questions . google has returned many results,
i am confused with the jargons.

if you know the answers of my specific questions will you please share
?


thank you

Hi, i am reading JSSE tutorial.

in the tutorial i find the following code snippet which i dont
understand. will you please help me to understand it ? wll you please
answer my questions ?


here is the code




Creating a New Key Pair and Self-Signed Certificate Using keytool
=================================================

keytool -genkey -alias alias -keystore .keystore

Enter keystore password: password
What is your first and last name?
[Unknown]: Duke
What is the name of your organizational unit?
[Unknown]: JavaSoft
What is the name of your organization?
[Unknown]: Sun
What is the name of your City or Locality?
[Unknown]: Cupertino
What is the name of your State or Province?
[Unknown]: CA
What is the two-letter country code for this unit?
[Unknown]: US
Is <CN=Duke, OU=JavaSoft, O=Sun, L=Cupertino, ST=CA, C=US> correct?
[no]: yes






i am getting difficulty to understand this code. here are my questions
as follows...


Question 1 :

does this code creating a file ? a certificate file ? where does it
gets stored ?
confused ..... what it is doing ?



Question 2 :

it says "Creating a New Key Pair and Self-Signed Certificate Using
keytool".....i want to see the created certificated......it must be
stored somewhere in my harddisk.....correct ? where do i get this file
? whats the name of the certificate ? please tell me the name of the
certificate, so that i can search my hard disk and want to find that
file and want to see that file.


Question 3 : they say "Creating a New Key Pair and Self-Signed
Certificate Using keytool".....what does it mean by "Key Pair and
Self-Signed Certificate"......does it mean this program creates two
keys e.g in this example "alias" and ".keystore".....is it correct ?

and what about this "Self-Signed Certificate"....i dont see any created
certificate.

The example you are showing looks like it is from "The Java Developers
Almanac 1.4". http://javaalmanac.com/egs/java.security.cert/CreateCert.html

Take a peek at this page... Follow link for keytool
http://java.sun.com/j2se/1.5.0/docs/tooldocs/#security

Thanks in Advance...
IchBin, Pocono Lake, Pa, USA
http://weconsultants.servebeer.com/JHackerAppManager
__________________________________________________________________________

'If there is one, Knowledge is the "Fountain of Youth"'
-William E. Taylor, Regular Guy (1952-)

 

[Roedy Green]

if you know the answers of my specific questions will you please share
?

If someone does, do you promise in return to explain how to speak
German in 100 words or less?

certificates are complicated. You just have to keep reading and
reading and eventually it all begins to make sense. I have tried as
best I could to give you an overview of what is important in the Java
glossary, but you still have to read many entries several times before
it will all make sense.

 

[gk]

thansk roedy... your liks are relevant and helpful.

however, i tried to find my queries in your site before your post
......unfortunately your site is not so much organised.....your site
does not have a search box.


Anyway, thank you for providing the link from your sites.


here i found something,

i tried this,

C:\>keytool -genkey -alias alas -keystore .anyname

and this command asks me few questions ...i typed answers ...and you
know, it created a file whose name is ".anyname" and the fle is in
"C:\" from where i executed this command....

this is quite interesting.

BTW, when i opened the ".anyname" file in editplus, i found so many
weired characters.....i dont understand what are those. but i think
these are the answers i gave to the tool when it asked me questions
upon execution of the command. and those answers are encrypted and
written in this file ".anyname" .

am i correct ?

This part is ok.


but i am in anxiety, why the tutorial used the term

"Creating a New Key Pair and Self-Signed Certificate Using keytool"

who are the Key Pairs here ? this wording "Key pairs" is
misleading...can you explain it what they are trying to say here ?




why they are using this term "Self-Signed Certificate" in this example
?
there is no certificate in this example (because certificate has
a .cer extension .....i dont have a file which has .cer extension
.....of couse, i have a file whose name is ".anyname"....can you call
this a certificate ? i dont think so......or is it ?)

 

[Roedy Green]

however, i tried to find my queries in your site before your post
.....unfortunately your site is not so much organised.....your site
does not have a search box.

Yes it does. See http://mindprod.com/jgloss/jgloss.html

Further with any site you can add site:mindprod.com to your search
criteria when you use Google to search a particular site even if that
site does not have a site search box.

Generally the way you use the Java glossary is with the index to find
one word related to your problem, then you chase links at the bottom
of the page to related words. I gave you the starting points.

Try again reading the keytool.exe entry which gives you recipes for
all the things you need to do with certificates. The other entries
primarily support why you would do these things.

 

[Roedy Green]

BTW, when i opened the ".anyname" file in editplus, i found so many
weired characters.....i dont understand what are those. but i think
these are the answers i gave to the tool when it asked me questions
upon execution of the command. and those answers are encrypted and
written in this file ".anyname" .

The .keystore file is for cryptography. The .keystore is deliberately
not a format you can make sense of with a text editor. See
http://mindprod.com/jgloss/keystore.html

If you want to go exploring .keystores, (or cacerts) see
http://mindprod.com/jgloss/keyman.html

keytool will let you probe them with the list -v option, but it is
awkward to use and does not tell you as much as keyman.