CAST AIP - SSL - Secure Socket Layer (SSL) Tools

This section deals with Secure Socket Layer (SSL) tools .  These tools help with management and storage of certificates and keys used in SSL.

 

Applicable in CAST Version

Release

Yes/No

8.3.x (tick)

 

 

See the sections below for information on these tools:

 

 

Keytool

  • A Java keystore maintains keys and certificates in a secure manner in a repository.
  • keytool is a Java utility that is part of the Java JDK which allows for performing tasks on a Java keystore.
  • Basic operations are:
    • listing contents (keytool -list)
      • Example:  keytool -list -keystore <keystore_path>
    • importing certificates (keytool -import)
      • Example for importing into root certificates - see documentation below for further information:  keytool  -import -trustcacerts -file <certificate_path> -alias <alias_name> -keystore <keystore_path>
    • exporting certificates (keytool - export)
      • Example:  keytool  -export -file <export_path> -alias <alias_name> -keystore <keystore_path>
    • Deleting certificates (keytool -delete)
      • Example:  keytool -delete -alias <alias_name> -keystore <keystore_path>
    • generating certificates (see documentation below to fully understand the options)


For further information, please see: https://docs.oracle.com/javase/8/docs/technotes/tools/unix/keytool.html

 

Openssl

  • Openssl is a command line tool that generally needs to be compiled or added to an operation system
  • Openssl is used in encryption
  • It can be used to manipulate certificates and/or create certain kinds of certificates (for example to convert a *.crt file and private key into a *.pk7 certificate)


For further information, please see: https://www.openssl.org/docs/man3.0/man1/openssl.html

 

 

 

 

Have more questions? Submit a request

Comments

Powered by Zendesk