Meaningless Drivel is fun!*
The moose likes Security and the fly likes OpenSSL | 256 bit encryption Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "OpenSSL | 256 bit encryption" Watch "OpenSSL | 256 bit encryption" New topic
Author

OpenSSL | 256 bit encryption

Sandy Saahil
Greenhorn

Joined: Apr 06, 2006
Posts: 9
Hi Friends,

I am bit confused around generating self signed 256 bit encryption certificate. Kindly help. This is what I did

1) Created the private key with 256 bit AES encryption by using this command on openSSL
genrsa -aes256 -out C:\ssl\certificate\privkey.key 4096

2) Create the certificate using the key generated
req -new -x509 -config C:\ssl\openssl.cnf -key C:\ssl\certificate\privkey.key -out C:\ssl\certificate\newcert.pem -days 365

3) Exported certificate and key to P12 format
pkcs12 -config C:\ssl\openssl.cnf -export -in C:\ssl\certificate\newcert.pem -inkey C:\ssl\certificate\privkey.key -out C:\ssl\certificate\newcert.p12

4) Using java keytool, imported this P12 file to keystore
keytool -v -importkeystore -srckeystore C:\ssl\certificate\newcert.p12 -srcstoretype PKCS12 -destkeystore C:\ssl\moretry\sands.jks -deststoretype JKS

5) Configured JBoss server.xml to pick this keystore with correct keystorePass


Now when I try to access the localhost, I am able to see the screen with certificate but the encryption still show 128 bit encryption (attached). Kindly let me know if I am missing anything.

regards,
Sandy



[Thumbnail for screenshot.PNG]



Keep Faith
Anish Nath
Greenhorn

Joined: Sep 21, 2011
Posts: 23
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: OpenSSL | 256 bit encryption
 
Similar Threads
[Update - Success] Adding SSL certificate to Server.xml
Tomcat SSL .Enabling Client authentication with tomcat
cant get ssl to work with tomcat
Queries on role of files .keystore and CAKey.pem while moving the site to https?
converting jks to p12 certificate