The Security->Keystore Management tab can be used to add, remove and update keystores that can be used for various security-based operations like WS-Security configuration for SOAP requests, SSL connection setup etc. Keystores are files that are used to store a set of keys and certificates. It usually contains two types of entries - Key entry, and , Certificate entry

The Key entry can in turn either be a Key Pair entry (i.e. a private and public asymmetric key pair, and optionally a chain of related certificates) or a secret key entry (symmetric key)

The following keystore file formats are supported -

  • JKS / JCEKS keystore format (.jks files)

  • PKCS#12 keystore format (.p12 files)

To manage keystores using Examine, you have to first upload it using the Import button in the Keystore Management tab. This will bring up the Import Keystore dialog as shown below. Note that since most keystores will be protected by a password, you should enter the keystore password to be able to create the keystore successfully.


Once the keystore as been uploaded successfully, the keystore contents will be displayed in a tree format as shown below:


The private key entries (such as 'client' and 'client2') are shown with the key icon, while the public key entries that correspond to certificates are shown with the certificate icon.

Clicking on the keystore name, displays the keystore details on the right side as shown below:


The following keystore operations are available from the details view:

Private Key Entry operations

Clicking on the private key tree item displays the key entry details as shown below.


The following operations are available for the selected private key:

Public Key (Certificate) Entry operations

The Certificate Entry Details view is displayed when a public-key entry is clicked on the Keystore tree view.


The following operations are available for Certificate entries:

Delete

Delete the currently selected public key entry from the keystore

Export Certificate

This option is used to export the currently selected public key as an X.509 certificate in either DER (binary) or PEM (base64-encoded) format

loading table of contents...