Thursday, July 7, 2016

Connect LDAP using Java

LDAP (Lightweight Directory Access Protocol) is a software protocol for enabling anyone to locate organizations, individuals, and other resources such as files and devices in a network, whether on the public Internet or on a corporate intranet. LDAP is a "lightweight" (smaller amount of code) version of Directory Access Protocol (DAP), which is part of X.500, a standard for directory services in a network.
Directory structure strings:
rdn - Relative Distinguished Name
dn - Distinguished Name
cn - Common Name
ou - Organizational Unit
dc - Domain Component
sn - Surname
As an example, an entry looks like this:
dn: cn=Joe Smith,ou=East,dc=MyDomain,dc=com
cn: John Doe
givenName: John
sn: Doe
telephoneNumber: +1 888 555 6789
telephoneNumber: +1 888 555 1232
mail: john@example.com
manager: cn=Barbara Doe,dc=example,dc=com
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top

Thursday, January 28, 2016

Convert JKS into PEM using Keytool


Below are the steps to convert a JKS keystore file into CRT / PEM files (certs/keys):

  1. Generate a PKCS12 file from the JKS keystore file:
    keytool -importkeystore -srckeystore <keystore.jks> -destkeystore <keystore.p12> -deststoretype PKCS12 -srcalias <aliasName> -deststorepass <password> -destkeypass <password>
    In the above, keystore.jks is the input keystore file,
             keystore.p12 is the output PKCS12 file,
             aliasName is the entry name in the keystore file,
             password is the password for the output file.
    Example:
    >keytool -importkeystore -srckeystore keystore.jks -destkeystore keystore.p12 -deststoretype PKCS12 -srcalias selfsigned -deststorepass password -destkeypass password
    Enter source keystore password:
  2. Now convert the PKCS12 file into PEM format:
    1. Generate the certificate in PEM format, without the private key:
      >openssl pkcs12 -in <keystore.p12>  -nokeys -out <cert.pem>
      In the above, keystore.p12 is the input file in PKCS12 format and
                     cert.pem is the output file in PEM format.
      Example:
      >openssl pkcs12 -in keystore.p12  -nokeys -out cert.pem
      Enter Import Password:
      MAC verified OK
    2. Generate the private key in PEM format, without the certificate:
      >openssl pkcs12 -in keystore.p12  -nodes -nocerts -out key.pem
      Enter Import Password:
      MAC verified OK
  3. Additionally, convert the JKS keystore file into CRT format:
    keytool -exportcert -file <keystore.crt> -keystore <keystore.jks> -alias <aliasName>
    In the above, keystore.jks is the input JKS keystore file,
                 aliasName is the entry name in the keystore file,
                 keystore.crt is the output CRT file.
    >keytool -exportcert -file keystore.crt -keystore keystore.jks -alias selfsigned
    Enter keystore password:
    Certificate stored in file <keystore.crt>
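
A check to run after the steps above (an added example, not part of the original post): it confirms that cert.pem and key.pem form a pair, that keystore.crt holds the same certificate, and restricts access to key.pem, which -nodes writes without a passphrase. The function names are made up for this example, and it needs only openssl.

```shell
#!/bin/sh
# Added example: checks on the files produced by the conversion steps above.
# File names follow the page's examples; function names are hypothetical.

# Succeeds when the private key in $2 belongs to the first certificate in $1.
# openssl skips the "Bag Attributes" text that pkcs12 writes above each block.
pem_pair_matches() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 2
    key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 2
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# Succeeds when $1 holds a private key that is NOT passphrase-protected
# (the result of "openssl pkcs12 -nodes").
key_is_unencrypted() {
    grep -q 'PRIVATE KEY-----' "$1" &&
        ! grep -Eq 'BEGIN ENCRYPTED PRIVATE KEY|Proc-Type: 4,ENCRYPTED' "$1"
}

# Succeeds when the file from "keytool -exportcert" ($1) is the same
# certificate as the PEM file ($2). Without -rfc, keytool writes binary DER.
crt_matches_pem() {
    a=$(openssl x509 -inform DER -in "$1" -noout -fingerprint -sha256 2>/dev/null) || return 2
    b=$(openssl x509 -in "$2" -noout -fingerprint -sha256 2>/dev/null) || return 2
    [ "${a#*=}" = "${b#*=}" ]   # compare only the hex part after "="
}

# Usage: sh check_export.sh cert.pem key.pem [keystore.crt]
if [ "$#" -ge 2 ]; then
    pem_pair_matches "$1" "$2" || { echo "cert and key do not match" >&2; exit 1; }
    if key_is_unencrypted "$2"; then
        chmod 600 "$2"   # key is in the clear: allow owner access only
        echo "warning: $2 is not passphrase-protected" >&2
    fi
    [ -z "${3:-}" ] || crt_matches_pem "$3" "$1" ||
        { echo "$3 differs from $1" >&2; exit 1; }
    echo "ok"
fi
```

Omitting -nodes in step 2.2 makes openssl prompt for a PEM pass phrase and write the key encrypted instead.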