Southern New Hampshire Software Security and Certificate Authorities Paper

Question Description

I’m working on a computer science project and need an explanation to help me understand better.

Prompt

Why would you want to use a CA for security?

What are the advantages of using a CA?

Ideally, you would have a third-party vendor CA generate certificates for you, which incurs costs for the domain. In this case, the cost of having a third-party vendor CA generate certificates may not be affordable or necessary. In this assignment, you will generate self-signed certificates, which makes you the CA. Acting as the CA and generating certificates using free tools is common practice when you are developing.

Certificate Generation: Use the Java KeyTool to generate a self-signed certificate. There is no additional installation needed if you have Java installed on your computer or through Eclipse, but you need to locate your Java home location to find the keytool.exe. Please note: You will generate certificates in Project Two and use the Java KeyTool through Eclipse.

Begin by accessing the keystore by copying the command below. You must copy this text exactly and paste it into the Command Line. Be sure to revise the text where the word password appears with a unique and secure password. This will be your password for the entire exercise. You may refer to the Oracle Guidelines on the Key and Certificate Management Tool for additional guidance.

keytool.exe -genkey -keyalg RSA -alias selfsigned -keypass password -keystore keystore.jks -storepass password -validity 360 -keysize 2048

A command line screen with the following command entered: keytool.exe -genkey -keyalg RSA -alias selfsigned -keypass changeme -keystore keystore.jks -storepass changeme -validity 360 -keysize 2048.

A series of questions with responses, which are used to generate a 2,048-bit RSA key pair and self-signed certificate, follows.

Enter a secure password for the keystore (shown as password). You must copy this text exactly and paste it into the Command Line. Be sure to revise the text where the word password appears with a unique and secure password. This password will be used again shortly.

keytool.exe -export -alias selfsigned -storepass password -file server.cer -keystore keystore.jks

A command line screen with the following command entered: keytool.exe -export -alias selfsigned -storepass changeme -file server.cer -keystore keystore.jks. The returned line states, ‘Certificate stored in file <server.cer>’.

Use a command to print out the CER file using Command Line.

keytool.exe -printcert -file server.cer

To demonstrate that the certificate was effectively generated, submit a screenshot of the print out of the certificate information found in the server.cer file created in the previous step. An example is shown below:

A command line screen with the following command entered: keytool.exe -printcert -file server.cer

This command prints the server.cer file. The details of the CER file which was printed include Owner, Issuer, Serial number, Dates valid, Certificate fingerprints, Signature algorithm name, Subject public key algorithm, Version number, and Extensions.
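As an added example (not part of the original assignment), the Python script below parses the text that keytool -printcert produces and checks the properties the steps above are meant to yield: Owner equal to Issuer (you acted as the CA), a 360-day validity window, a 2,048-bit RSA key, and a signature algorithm that is not MD5- or SHA-1-based. The sample output, its names and its dates are constructed for illustration, and the function names are hypothetical.

```python
import re
from datetime import datetime

# Constructed sample of `keytool -printcert -file server.cer` output (not from the page).
# Fingerprint lines are omitted; the parser simply ignores fields it does not use.
SAMPLE = """\
Owner: CN=Jane Doe, OU=Dev, O=Example Org, L=Manchester, ST=NH, C=US
Issuer: CN=Jane Doe, OU=Dev, O=Example Org, L=Manchester, ST=NH, C=US
Serial number: 3f2a9c41
Valid from: Mon Jan 01 10:00:00 EST 2024 until: Thu Dec 26 10:00:00 EST 2024
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3
"""

def parse_printcert(text):
    """Return keytool's 'Name: value' lines as a dict keyed by lower-cased name."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"\s*([^:]+):\s*(.*)$", line)
        if m:
            fields.setdefault(m.group(1).strip().lower(), m.group(2).strip())
    return fields

def _date(stamp):
    # "Mon Jan 01 10:00:00 EST 2024": drop the weekday and zone name, which
    # strptime does not parse portably.
    _, month, day, clock, _, year = stamp.split()
    return datetime.strptime(f"{month} {day} {clock} {year}", "%b %d %H:%M:%S %Y")

def review(text):
    """Summarise the security-relevant fields of one printed certificate."""
    f = parse_printcert(text)
    start, end = (_date(part) for part in f["valid from"].split(" until: "))
    bits = int(re.match(r"(\d+)-bit", f["subject public key algorithm"]).group(1))
    sig = f["signature algorithm name"]
    return {
        # Name comparison only: it shows the certificate names itself as issuer.
        # It does not verify the signature against the certificate's own key.
        "self_signed": f["owner"] == f["issuer"],
        # Rounded so a daylight-saving change between the two dates cannot shift the count.
        "validity_days": round((end - start).total_seconds() / 86400),
        "key_bits": bits,
        "weak_signature": bool(re.match(r"(MD2|MD5|SHA1)with", sig, re.I)),
    }

if __name__ == "__main__":
    print(review(SAMPLE))
```

A certificate issued by a third-party CA would show a different Issuer line and report self_signed as False, which is why clients that do not already trust the self-signed certificate reject it.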

Answer a series of questions with unique answers. You may use fictional information to fill in answers to the questions. You should submit a screenshot with the questions and answers to show that you have entered all the necessary field information as shown above.

Lastly, you will be prompted to enter the same password as before for accessing the keystore to export the certificate to a CER file.

keytool.exe -export -alias selfsigned -storepass changeme -file server.cer -keystore keystore.jks