Thursday, December 03, 2009

Import a certificate to keystore.

Import a certificate into default key store 'cacerts'.

keytool -import -trustcacerts -keystore cacerts -alias drssomp0117 -file drss117.2048.crt

Wednesday, December 02, 2009

Java JDK 1.4 JCE Provider issue.

Bundled JCE provider in jdk1.4 can't cope with keys bigger than 2048. If you are working on a websrvice, which needs using https to access, you maybe will be in trouble as commocial certificates most need 4096. In Java 1.5 and higher, it is OK as longer key was supported as default. How to sovle this issue? You have to find an alternative JCE provider that supports key size 4096.

Provider resources:
http://www.bouncycastle.org/java.html
http://www.cryptix.org/