Creating a Java Keystore
You can create the Java keystore and register entries and keys to it using the following procedure.
- Extract the TemenosSecurityWeb.war file from the $TAFJ_HOME/MessageIntegrity directory to your chosen folder.
- Edit the keystore.properties file, which is available under resource/conf folder in TemenosSecurityWeb.war.
If the keystore is available as a physical file on the machine, provide the path in the temn.keystore.location property. You can specify multiple paths separated by commas (,).
If the keystore is available in a database, specify the following properties:
- temn.keystore.database.url
- temn.keystore.database.driver
- temn.keystore.database.user
- temn.keystore.database.password
- Navigate to the bin folder of the extracted MessageIntegrity directory and execute the LaunchKeyStoreWebApp.bat file to start jetty-runner for deploying TemenosSecurityWeb.war.
- Now access the web application with the following URL:
http://localhost:8080/TemenosSecurity
The keystore page is displayed.
- Enter the keystore name and password.
- Select one of the following key types:
- Asymmetric–PrivateKey: Used only for the sign operation. It should be an instance of PrivateKey.
- Asymmetric–PublicKey: Used only for the verify operation. It should be an instance of PublicKey.
- Symmetric Key: Used for both sign and verify operations. It should be an instance of SecretKey.
- Split the key and enter the two parts as the left and right keys.
- Specify Grace Days. Grace days is the number of days for which the keys can be configured to be valid. How it is used depends on the configuration.
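The key-type rules above (a PrivateKey only signs, a PublicKey only verifies, a SecretKey does both) expressed with the standard java.security and javax.crypto APIs. This is an added example, not Temenos code: the class name, entry name, passwords, the JCEKS store type and the HmacSHA256 and SHA256withRSA algorithms are assumptions, and the left/right key split is not modelled.

```java
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.security.*;
import javax.crypto.*;
public class KeyTypeDemo {
    // Sign: a SecretKey yields an HMAC tag, a PrivateKey an RSA signature; a PublicKey is refused.
    static byte[] sign(Key key, byte[] msg) throws GeneralSecurityException {
        if (key instanceof SecretKey) {
            Mac mac = Mac.getInstance("HmacSHA256");
            mac.init(key);
            return mac.doFinal(msg);
        }
        if (!(key instanceof PrivateKey)) throw new InvalidKeyException("only PrivateKey or SecretKey may sign");
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign((PrivateKey) key);
        s.update(msg);
        return s.sign();
    }
    // Verify: a SecretKey recomputes the tag (constant-time compare), a PublicKey checks the signature.
    static boolean verify(Key key, byte[] msg, byte[] tag) throws GeneralSecurityException {
        if (key instanceof SecretKey) return MessageDigest.isEqual(sign(key, msg), tag);
        if (!(key instanceof PublicKey)) throw new InvalidKeyException("only PublicKey or SecretKey may verify");
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initVerify((PublicKey) key);
        s.update(msg);
        return s.verify(tag);
    }
    public static void main(String[] args) throws Exception {
        char[] storePw = "example-store-pw".toCharArray(), entryPw = "example-entry-pw".toCharArray(); // constructed
        byte[] msg = "constructed sample message".getBytes(StandardCharsets.UTF_8);
        // Symmetric entry: saved under an entry name and entry password, then reloaded with the keystore password.
        KeyStore ks = KeyStore.getInstance("JCEKS"); // assumed store type; the page does not name one
        ks.load(null, storePw);
        ks.setEntry("demo-entry",
                new KeyStore.SecretKeyEntry(KeyGenerator.getInstance("HmacSHA256").generateKey()),
                new KeyStore.PasswordProtection(entryPw));
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        ks.store(out, storePw);
        KeyStore loaded = KeyStore.getInstance("JCEKS");
        loaded.load(new ByteArrayInputStream(out.toByteArray()), storePw);
        Key secret = loaded.getKey("demo-entry", entryPw);
        System.out.println("symmetric sign+verify: " + verify(secret, msg, sign(secret, msg)));
        // Asymmetric pair: the private half signs, the public half verifies, never the reverse.
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair kp = gen.generateKeyPair();
        System.out.println("private signs, public verifies: " + verify(kp.getPublic(), msg, sign(kp.getPrivate(), msg)));
        try { sign(kp.getPublic(), msg); } catch (InvalidKeyException e) { System.out.println("refused: " + e.getMessage()); }
    }
}
```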
Command Line Utility
Launch tCreateKeyStore.bat on Windows or tCreateKeyStore.sh on Linux platforms from <TAFJHome>\MessageIntegrity\bin.
tCreateKeyStore
to store in a file:
    tCreateKeyStore -kl <Keystore Location> <Options>
to store in a database:
    tCreateKeyStore -url <Database URL> -dr <Driver Name> -du <Database User> -du <Database Password> <Options>
where OPTIONS can be:
    -kn <Keystore Name>
    -kp <Keystore Password>
    -o <Organization Name>
    -kt <unidirectional/unidirectional-private/unidirectional-public>
    -en <Entry Name>
    -ep <Entry Password>
    -rk/-lk <Right/Left Key>
    -sd <Start Date in format dd-mm-yyy>
    -ed <End Date in format dd-mm-yyy>
    -gt <GraceTime>
    -ol <true/false true if left key already stored>
    -or <true/false true if right key already stored>