If you are developer like me and have openssl and java on your machine then here is a simple bash script for you to generate the certificate.
If you are on windows and don’t have bash then you could try this in cygwin.
What does the script do ?
- Generate a java keystore with the following SSL attributes
- Key size = 2048
- Valid for 9000 days
- Use first argument as the name of keystore file and alias name in the keystore
- Use second argument as the password.
NOTE: Remember to provide the same value when prompted during generation.
The script
$ cat create-and-export.sh
#!/bin/bash
if (( $# != 2 ))
then
echo "Usage: aliasname password"
exit 1
fi
keytool -genkey -keystore ./$1.p12 -deststoretype PKCS12 -storepass $2 -alias $1 -keyalg "RSA" -keysize 2048 -validity 9000
openssl pkcs12 -in $1.p12
keytool -v -importkeystore -srckeystore ./$1.p12 -srcstoretype PKCS12 -srcstorepass $2 -destkeystore ./$1.jks -deststoretype JKS -deststorepass $2
A Sample run
A sample run with aliasname caddemo and password “password” would be :
$ ./create-and-export.sh caddemo password
What is your first and last name?
[Unknown]: the developer
What is the name of your organizational unit?
[Unknown]: IPP
What is the name of your organization?
[Unknown]: Intuit
What is the name of your City or Locality?
[Unknown]: Mountain View
What is the name of your State or Province?
[Unknown]: CA
What is the two-letter country code for this unit?
[Unknown]: US
Is CN=the developer, OU=IPP, O=Intuit, L=Mountain View, ST=CA, C=US correct?
[no]: yes
Enter Import Password:
MAC verified OK
Bag Attributes
friendlyName: caddemo
localKeyID: 54 69 6D 65 20 31 33 38 32 39 38 39 37 37 36 32 31 30
Key Attributes:
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQI9uXWiQZOee0CAggA
MBQGCCqGSIb3DQMHBAic0N2EosNhIQSCBMj89VZ3nzWG8L/1z4AT/K88xaM/kvDx
.
.
.
lS3UzqVvxnv2Ki8h2opoaZjZcgZMs1rR/RAjAGm4hQiJJpR3qMgSJweNgfuY1hdN
5mvY8Y1v6mtLWTIbc6YRnz6aR/AS5/2cijx61zcsbdy/dNVoDMAcniW6KJxrst9c
El0=
-----END ENCRYPTED PRIVATE KEY-----
Bag Attributes
friendlyName: CN=the developer,OU=IPP,O=Intuit,L=Mountain View,ST=CA,C=US
localKeyID: 54 69 6D 65 20 31 33 38 32 39 38 39 37 37 36 32 31 30
subject=/C=US/ST=CA/L=Mountain View/O=Intuit/OU=IPP/CN=the developer
issuer=/C=US/ST=CA/L=Mountain View/O=Intuit/OU=IPP/CN=the developer
-----BEGIN CERTIFICATE-----
MIIDTjCCAjagAwIBAgIEUm6/0DANBgkqhkiG9w0BAQUFADBpMQswCQYDVQQGEwJV
UzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxDzANBgNVBAoT
BkludHVpdDEMMAoGA1UECxMDSVBQMRYwFAYDVQQDEw10aGUgZGV2ZWxvcGVyMB4X
DTEzMTAyODE5NDkzNloXDTM4MDYxOTE5NDkzNlowaTELMAkGA1UEBhMCVVMxCzAJ
BgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MQ8wDQYDVQQKEwZJbnR1
aXQxDDAKBgNVBAsTA0lQUDEWMBQGA1UEAxMNdGhlIGRldmVsb3BlcjCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ6ulaLe2E7JVqwmbUYKq1dmHT1T6aGW
zQl4H5ikqSc/EBDr58pFhUggV0h7wNR4y25KEPHxbIA79PBXhTp7dFcETwSmDqt7
0Y5+mItGMx+E/xA6z7eHNljvatsS7JYcHu8p3Xmxpv0+4RBdG33mOAhtqmjYgynw
eWMFPRR23XHNGc6V4WrzDdVKVU4OF+8oEomEl3oCtvIqMLHrYEG0fDGn8uw69gM6
5ocHDP9yF26inwG42K2QT3SRd8OgErhJRpsdHayx5mJ115PIsdJGHOzNQ6h3Uncv
SuFdkT344wkTMLa26OA922jafvR2gmQN27p0P1jC04I3Rg0+Q0U5pqcCAwEAATAN
BgkqhkiG9w0BAQUFAAOCAQEARdAP5AjnbPjXoU+AU373RkJb7FYFEcVCziI5Bv0S
Fv5afss0JOijRvq2kCQCCUV06pKCNS2y18xSThYsLiMlsBJ0FsuatgBpgcZ0zJ1X
Fjj5emMfyg/3SIkhZYUNikjiwzOgYe+ys8MxfE+CXJ15uJZKp+AzLBa35PFZm2Po
AUeNMNyKANOAzDT5CAefbuulHCX9YCm+BCdHjV21M8qGiM0Tns0GRcci6F/O/4Gr
4F8zxzhdn4gpVJoGPUfopVQZqERzVCZDK0jZl0x96gjEdH+5JwzXr0MjLWVu4rEW
/NJyIsM9m/GbpxubmvNzMOgvXkv06p4wox5BBnk3NowVHw==
-----END CERTIFICATE-----
Entry for alias caddemo successfully imported.
Import command completed: 1 entries successfully imported, 0 entries failed or cancelled
[Storing ./caddemo.jks]
$ ls caddemo.*
caddemo.jks caddemo.p12
What next
For your public key you would copy the portion between :
—–BEGIN CERTIFICATE—–
and
—–END CERTIFICATE—–
If you are using the java SDK samples then you can use the caddemo.jks that is created.
For API Explorer you need to use caddemo.p12 file as the private key with “password” as the password. Since that is what I gave at the command line.
References
https://developer.intuit.com/docs
Also search for SSL certificate to get more information.
Leave a Reply