b302945e5b
|
||
|---|---|---|
| .. | ||
| crl | ||
| intermediate | ||
| systemcerts | ||
| README.md | ||
| ca-cert.der | ||
| ca-cert.pem | ||
| ca-client.jks | ||
| ca-client.wks | ||
| ca-ecc-cert.der | ||
| ca-ecc-cert.pem | ||
| ca-ecc-key.pem | ||
| ca-key.der | ||
| ca-key.pem | ||
| ca-keyPkcs8.der | ||
| ca-server-ecc-256.jks | ||
| ca-server-ecc-256.wks | ||
| ca-server-rsa-2048.jks | ||
| ca-server-rsa-2048.wks | ||
| ca-server.jks | ||
| ca-server.wks | ||
| cacerts.jks | ||
| cacerts.wks | ||
| client-cert.der | ||
| client-cert.pem | ||
| client-ecc-cert.der | ||
| client-ecc-cert.pem | ||
| client-ecc.jks | ||
| client-ecc.wks | ||
| client-key.der | ||
| client-key.pem | ||
| client-keyPub.der | ||
| client-rsa-1024.jks | ||
| client-rsa-1024.wks | ||
| client-rsa.jks | ||
| client-rsa.wks | ||
| client.jks | ||
| client.p12 | ||
| client.wks | ||
| dh2048.pem | ||
| ecc-client-key.der | ||
| ecc-client-key.pem | ||
| ecc-key.pem | ||
| ecc-keyPkcs8.der | ||
| keytool-print-wks.sh | ||
| server-cert.der | ||
| server-cert.pem | ||
| server-ecc.der | ||
| server-ecc.jks | ||
| server-ecc.pem | ||
| server-ecc.wks | ||
| server-key.der | ||
| server-key.pem | ||
| server-keyPkcs8.der | ||
| server-rsa-1024.jks | ||
| server-rsa-1024.wks | ||
| server-rsa.jks | ||
| server-rsa.wks | ||
| server.jks | ||
| server.wks | ||
| update-certs.sh | ||
| update-jks-wks.sh | ||
README.md
Example and Test Certificates, Keys, and KeyStore Files
This directory contains example certificates, keys, and Java KeyStore files used for testing and examples.
These certificates and keys have been copied over from the wolfSSL proper example certs directory.
If new certs/keys are needed or added here, consider if they should also be added to wolfSSL proper.
Updating Example Certificates and Keys
To update the example certificates and keys, use the provided
update-certs.sh bash script. This script requires one argument on the
command line which is the location of the wolfSSL proper certs directory.
$ cd wolfcryptjni/examples/certs
$ ./update-certs.sh /path/to/wolfssl/certs
This script only updates the .pem and .der certificate and key files. To update the example Java KeyStore files, see the next section.
Updating Example Java KeyStore Files
To update the example Java KeyStore files, use the provided update-jks-wks.sh
bash script. This script requires one argument on the command line which is
the location of the wolfSSL proper certs directory.
This script will create new KeyStore files from original certificates. It will first create JKS KeyStore files, then convert those to WKS (WolfSSLKeyStore) format.
$ cd wolfcryptjni/examples/certs
$ ./update-jks-wks.sh /path/to/wolfssl/certs
This script only updates the example .jks and .wks files and not the individual .pem or .der files in this directory. For that, please see the above section.
Testing that Java keytool can read/parse WKS files
To confirm that Java keytool can parse WolfSSLKeyStore (WKS) format stores OK,
the keytool-print-wks.sh script can be used. This will call keytool -list
on each WKS KeyStore which is expected to pass successfully.
Support
Please contact the wolfSSL support team at support@wolfssl.com with any questions or feedback.