Set-up SSL Communication between two Linux servers Using Keytool Command

31 / May / 2012 by Gautam Malhotra

In one of my projects, my front-end application runs on one server and the back-end application runs on another. Both applications have to communicate with each other over SSL (Secure Sockets Layer). SSL is a way to secure internet communication from your browser to a secure website. Websites using SSL have https:// at the start of their address.

In comes the Java keytool command, which is a key and certificate management utility. Keytool is a Java security tool used to create and manage public keys, private keys, and security certificates. It manages a keystore (database) of cryptographic keys, X.509 certificate chains, and trusted certificates.

Using the Java keytool command, you can add a certificate to your keystore as a trusted certificate.

Following are the steps to set up HTTPS communication between two applications on different servers:
1. Copy the server1-site.crt file to server 2.
2. Import this root or intermediate CA certificate into an existing Java keystore using the command below.
    The default keystore password is changeit.

keytool -import -trustcacerts -keystore cacerts -storepass YOUR_KEYSTORE_PASSWORD -noprompt -alias webAppCertificate -file

3. Restart Apache by issuing the command: /etc/init.d/apache2 restart OR apache2ctl restart
4. Repeat steps 1 to 3 on server 1 with the server2-site.crt file.

Using the keytool command, you can add, delete, and list certificates in your keystore.
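The import in step 2 runs with -noprompt, which skips keytool's trust confirmation, so it is worth checking the copied certificate's SHA-256 fingerprint before importing it and confirming the entry afterwards. The shell functions below are an added example, not part of the original post; the file names, alias and expected fingerprint are placeholders supplied by the caller.

```shell
#!/bin/sh
# Added example, not from the original post. Paths, alias and fingerprint are
# placeholders supplied by the caller.

# Normalise a fingerprint: strip colons/whitespace, upper-case the hex digits.
norm_fp() {
    printf '%s' "$1" | tr -d ': \n' | tr 'a-f' 'A-F'
}

# Succeed only if both values are the same 64-hex-digit SHA-256 fingerprint.
fingerprints_match() {
    fp_a=$(norm_fp "$1")
    fp_b=$(norm_fp "$2")
    case "$fp_a" in
        ''|*[!0-9A-F]*) return 1 ;;
    esac
    [ "${#fp_a}" -eq 64 ] && [ "$fp_a" = "$fp_b" ]
}

# Print the SHA-256 fingerprint keytool reports for a certificate file.
cert_fp() {
    keytool -printcert -file "$1" | sed -n 's/^[[:space:]]*SHA256:[[:space:]]*//p'
}

# import_peer_cert CERT EXPECTED_FP TRUSTSTORE STOREPASS ALIAS
# Returns 0 on verified import, 2 on fingerprint mismatch, 1 on keytool failure.
import_peer_cert() {
    cert=$1; expected=$2; store=$3; pass=$4; entry=$5
    # -noprompt skips keytool's "Trust this certificate?" question, so the
    # fingerprint is checked here against a value obtained out of band.
    if ! fingerprints_match "$(cert_fp "$cert")" "$expected"; then
        echo "fingerprint mismatch for $cert; not importing" >&2
        return 2
    fi
    keytool -import -trustcacerts -noprompt -keystore "$store" \
        -storepass "$pass" -alias "$entry" -file "$cert" || return 1
    # Confirm the alias now exists as a trusted certificate entry.
    keytool -list -keystore "$store" -storepass "$pass" -alias "$entry" \
        | grep -q 'trustedCertEntry' || return 1
}

# Usage on server 2 (values are placeholders):
#   import_peer_cert server1-site.crt "<SHA-256 from server 1's admin>" \
#       cacerts YOUR_KEYSTORE_PASSWORD webAppCertificate
```

The expected fingerprint should come from the other server's administrator over a separate channel, not from the copied file itself.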


Hope it Helps!

Gautam Malhotra

