1. Generate JKS files

In this case I use self-signed certificates, these certificates are valid for a laboratory environment. 

 1.1. Generate Store JKS 

 a. Generate a key 

 sudo openssl genrsa -aes256 -out soffid.pam.store.key 

 b. Generate the .pem file 

 sudo openssl req -x509 -days 1000 -new -key soffid.pam.store.key -out soffid.pam.store.pem 

 

 To bear in mind the CN (Common Name) when creating the certificate 

 c. Generate the .pfx file 

 sudo openssl pkcs12 -export -in soffid.pam.store.pem -inkey soffid.pam.store.key -out soffid.pam.store.pfx 

 d. Generate the .jks file 

 sudo keytool -v -importkeystore -srckeystore soffid.pam.store.pfx -srcstoretype PKCS12 \

 -destkeystore soffid.pam.store.jks \

 -deststoretype JKS \

 -destkeypass 123456 -srcstorepass 123456 -deststorepass 123456 

 

 1.2. Generate Launcher JKS 

 a. Generate a key 

 sudo openssl genrsa -aes256 -out soffid.pam.launcher.key 

 b. Generate the .pem file 

 sudo openssl req -x509 -days 1000 -new -key soffid.pam.launcher.key -out soffid.pam.launcher.pem 

 

 

 To bear in mind the CN (Common Name) when creating the certificate 

 c. Generate the .pfx file 

 sudo openssl pkcs12 -export -in soffid.pam.launcher.pem -inkey soffid.pam.launcher.key -out soffid.pam.launcher.pfx 

 d. Generate the .jks file 

 sudo keytool -v -importkeystore -srckeystore soffid.pam.launcher.pfx -srcstoretype PKCS12 \

 -destkeystore soffid.pam.launcher.jks \

 -deststoretype JKS \

 -destkeypass 123456 -srcstorepass 123456 -deststorepass 123456