Thursday, October 29, 2009

Chapter 8: Key and Certificate Management Using Keystores



















































Overview



At this point you should be fairly comfortable with what is required to create keys and certificates, but you are probably also wondering what you are supposed to do if you need them to be around for more than the duration of an example program. How can you store a private key safely and maintain the relationship it has with its associated certificates? What do you do if you need to pass a private key on to someone else? Is there a way of persisting a secret key for longer-term use?


This chapter looks at the keystore facilities offered in Java through the KeyStore class and some of the underlying variations in how KeyStore objects are implemented.


By the end of this chapter you should:

  • Understand what basic types of keystore are available and how they differ
  • Have an understanding of PKCS #12 file structure for storing private credentials
  • Know how to create PKCS #12 files using the KeyStore API and what variations there are between implementations
  • Be familiar with the JVM's own ideas about trust anchors




Finally, you will also understand how to use the keytool command and integrate it with the work I covered in earlier chapters, as well as be aware of some of the other JVM features that make use of keystores.






































