test/jdk/javax/net/ssl/etc/README - platform/libcore - Git at Google

 Keystores used for the JSSE regression test suite.

 keystore
 truststore
 ==========

 These are the primary two keystores and contain entries for testing most
 of the JSSE regression test files.  There are three entries, one RSA-based,
 one DSA-based and one EC-based.  If they expire, simply recreate them
 using keytool and most of the test cases should work.

 The password on both files is:

     passphrase

 There are no individual key entry passwords at this time.


 keystore entries
 ================

 Alias name: dummy
 -----------------
 Creation date: May 16, 2016
 Entry type: PrivateKeyEntry
 Certificate chain length: 1
 Certificate[1]:
 Owner: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US
 Issuer: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US
 Serial number: 57399b87
 Valid from: Mon May 16 10:06:38 UTC 2016 until: Sat May 16 10:06:38 UTC 2026
 Signature algorithm name: SHA256withRSA
 Version: 1

 This can be generated using hacked (update the keytool source code so that
 it can be used for version 1 X.509 certificate) keytool command:
 % keytool -genkeypair -alias dummy -keyalg RSA -keysize 2048 \
   -sigalg SHA256withRSA \
   -dname "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US" \
   -validity 3652 -keypass passphrase -keystore keystore -storepass passphrase


 Alias name: dummyecdsa
 ----------------------
 Creation date: May 16, 2016
 Entry type: PrivateKeyEntry
 Certificate chain length: 1
 Certificate[1]:
 Owner: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US
 Issuer: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US
 Serial number: 57399c1d
 Valid from: Mon May 16 10:09:01 UTC 2016 until: Sat May 16 10:09:01 UTC 2026
 Signature algorithm name: SHA256withECDSA
 Version: 1

 This can be generated using hacked (update the keytool source code so that
 it can be used for version 1 X.509 certificate) keytool command:
 % keytool -genkeypair -alias dummy -keyalg EC -keysize 256 \
   -sigalg SHA256withECDSA \
   -dname "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US" \
   -validity 3652 -keypass passphrase -keystore keystore -storepass passphrase

 Alias name: dummydsa
 --------------------
 Creation date: Mar 29, 2018
 Entry type: PrivateKeyEntry
 Certificate chain length: 1
 Certificate[1]:
 Owner: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US
 Issuer: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US
 Serial number: 324d85f0
 Valid from: Thu Mar 29 16:06:34 PDT 2018 until: Tue Mar 28 16:06:34 PDT 2028
 Signature algorithm name: SHA256withDSA
 Version: 3

 This can be generated using hacked (update the keytool source code so that
 it can be used for version 1 X.509 certificate) keytool command:
 % keytool -genkeypair -alias dummydsa -keyalg DSA -keysize 1024 \
   -sigalg SHA256withDSA \
   -dname "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US" \
   -validity 3652 -keypass passphrase -keystore keystore -storepass passphrase

 Alias name: dummyecrsa
 --------------------
 Creation date: Apr 13, 2018
 Entry type: PrivateKeyEntry
 Certificate chain length: 2
 Certificate[1]:
 Owner: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US
 Issuer: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US
 Serial number: 6f2d1faa
 Valid from: Fri Apr 13 16:20:55 CST 2018 until: Wed Apr 12 16:20:55 CST 2028
 Version: 3

 This can be generated by using keytool command:
 % keytool -genkeypair -alias dummyecrsa -keyalg EC -keysize 256 \
   -keypass passphrase -storepass passphrase -keystore keystore \
   -dname "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US"
 % keytool -certreq -alias dummyecrsa -storepass passphrase -keystore keystore \
   -file ecrsa.csr
 % keytool -gencert -alias dummy -storepass passphrase -keystore keystore \
   -validity 3652 -infile ecrsa.csr -outfile ecrsa.cer
 % keytool -importcert -alias dummyecrsa -storepass passphrase -keystore keystore \
   -file ecrsa.cer


 truststore entries
 ==================
 This key store contains only trusted certificate entries. The same
 certificates, except dummyecrsa, are used in both keystore and truststore.


 unknown_keystore
 ================
 A keystore you can use when you don't want things to be verified.
 Use this with keystore/truststore, and you'll never get a match.
	Keystores used for the JSSE regression test suite.

	keystore
	truststore
	==========

	These are the primary two keystores and contain entries for testing most
	of the JSSE regression test files. There are three entries, one RSA-based,
	one DSA-based and one EC-based. If they expire, simply recreate them
	using keytool and most of the test cases should work.

	The password on both files is:

	passphrase

	There are no individual key entry passwords at this time.


	keystore entries
	================

	Alias name: dummy
	-----------------
	Creation date: May 16, 2016
	Entry type: PrivateKeyEntry
	Certificate chain length: 1
	Certificate[1]:
	Owner: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US
	Issuer: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US
	Serial number: 57399b87
	Valid from: Mon May 16 10:06:38 UTC 2016 until: Sat May 16 10:06:38 UTC 2026
	Signature algorithm name: SHA256withRSA
	Version: 1

	This can be generated using hacked (update the keytool source code so that
	it can be used for version 1 X.509 certificate) keytool command:
	% keytool -genkeypair -alias dummy -keyalg RSA -keysize 2048 \
	-sigalg SHA256withRSA \
	-dname "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US" \
	-validity 3652 -keypass passphrase -keystore keystore -storepass passphrase


	Alias name: dummyecdsa
	----------------------
	Creation date: May 16, 2016
	Entry type: PrivateKeyEntry
	Certificate chain length: 1
	Certificate[1]:
	Owner: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US
	Issuer: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US
	Serial number: 57399c1d
	Valid from: Mon May 16 10:09:01 UTC 2016 until: Sat May 16 10:09:01 UTC 2026
	Signature algorithm name: SHA256withECDSA
	Version: 1

	This can be generated using hacked (update the keytool source code so that
	it can be used for version 1 X.509 certificate) keytool command:
	% keytool -genkeypair -alias dummy -keyalg EC -keysize 256 \
	-sigalg SHA256withECDSA \
	-dname "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US" \
	-validity 3652 -keypass passphrase -keystore keystore -storepass passphrase

	Alias name: dummydsa
	--------------------
	Creation date: Mar 29, 2018
	Entry type: PrivateKeyEntry
	Certificate chain length: 1
	Certificate[1]:
	Owner: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US
	Issuer: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US
	Serial number: 324d85f0
	Valid from: Thu Mar 29 16:06:34 PDT 2018 until: Tue Mar 28 16:06:34 PDT 2028
	Signature algorithm name: SHA256withDSA
	Version: 3

	This can be generated using hacked (update the keytool source code so that
	it can be used for version 1 X.509 certificate) keytool command:
	% keytool -genkeypair -alias dummydsa -keyalg DSA -keysize 1024 \
	-sigalg SHA256withDSA \
	-dname "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US" \
	-validity 3652 -keypass passphrase -keystore keystore -storepass passphrase

	Alias name: dummyecrsa
	--------------------
	Creation date: Apr 13, 2018
	Entry type: PrivateKeyEntry
	Certificate chain length: 2
	Certificate[1]:
	Owner: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US
	Issuer: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US
	Serial number: 6f2d1faa
	Valid from: Fri Apr 13 16:20:55 CST 2018 until: Wed Apr 12 16:20:55 CST 2028
	Version: 3

	This can be generated by using keytool command:
	% keytool -genkeypair -alias dummyecrsa -keyalg EC -keysize 256 \
	-keypass passphrase -storepass passphrase -keystore keystore \
	-dname "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US"
	% keytool -certreq -alias dummyecrsa -storepass passphrase -keystore keystore \
	-file ecrsa.csr
	% keytool -gencert -alias dummy -storepass passphrase -keystore keystore \
	-validity 3652 -infile ecrsa.csr -outfile ecrsa.cer
	% keytool -importcert -alias dummyecrsa -storepass passphrase -keystore keystore \
	-file ecrsa.cer


	truststore entries
	==================
	This key store contains only trusted certificate entries. The same
	certificates, except dummyecrsa, are used in both keystore and truststore.


	unknown_keystore
	================
	A keystore you can use when you don't want things to be verified.
	Use this with keystore/truststore, and you'll never get a match.