[jboss-dev-forums] [JBoss AS 7 Development] - AS7 Password Vault on Windows

Anil Saldhana do-not-reply at jboss.com
Mon Mar 26 13:50:00 EDT 2012 

Anil Saldhana [https://community.jboss.org/people/anil.saldhana] created the document:

"AS7 Password Vault on Windows"

To view the document, visit: https://community.jboss.org/docs/DOC-17763

--------------------------------------------------------------
Reference:  https://community.jboss.org/docs/DOC-17248 https://community.jboss.org/wiki/JBossAS7SecuringPasswords

What we need?
1. JDK installation
2. Setting of JAVA_HOME Environment Variable
3. Creation a KeyStore
4. JBoss AS 7.1.x installation


Step 1  JDK Installation
Please go to  http://java.com http://java.com and download JDK installation for Windows. (Remember you need JDK installation and not JRE).
I tested this on Windows 7.  I downloaded and installed JDK 1.6.0_31 from  http://www.oracle.com/technetwork/java/javase/downloads/jdk-6u31-download-1501634.html http://www.oracle.com/technetwork/java/javase/downloads/jdk-6u31-download-1501634.html 
I installed JDK6 in  c:\Java directory.

Step 2  Setting of JAVA_HOME Environment Variable
I tested this on Windows 7.  So your mileage may vary depending on whether you are on XP, Vista, Win7 etc.  Please google and you will find instructions for your version of windows. They are pretty close.

* I went to Control Panel.  
* Searched for "Environment".
* Chose the "Edit the system environment variables"
* I went into Advanced -> Environment Variables
* I created a new environment variable called   JAVA_HOME     and set the value to     c:\Java\jdk1.6.0_31
* In the PATH environment variable,  I appended    %JAVA_HOME%\bin;       (remember to add ;  at the end)
* Run -> cmd
* Type   java     and you should see a bunch of options  rather than "Java is not recognized"

Step 3  Create a Keystore

I created a directory called keystores in c:\


C:\>md keystores


C:\>cd keystores


C:\keystores>keytool
keytool usage:


-certreq     [-v] [-protected]
             [-alias <alias>] [-sigalg <sigalg>]
             [-file <csr_file>] [-keypass <keypass>]
             [-keystore <keystore>] [-storepass <storepass>]
             [-storetype <storetype>] [-providername <name>]
             [-providerclass <provider_class_name> [-providerarg <arg>]] ...
             [-providerpath <pathlist>]


-changealias [-v] [-protected] -alias <alias> -destalias <destalias>
             [-keypass <keypass>]
             [-keystore <keystore>] [-storepass <storepass>]
             [-storetype <storetype>] [-providername <name>]
             [-providerclass <provider_class_name> [-providerarg <arg>]] ...
             [-providerpath <pathlist>]


-delete      [-v] [-protected] -alias <alias>
             [-keystore <keystore>] [-storepass <storepass>]
             [-storetype <storetype>] [-providername <name>]
             [-providerclass <provider_class_name> [-providerarg <arg>]] ...
             [-providerpath <pathlist>]


-exportcert  [-v] [-rfc] [-protected]
             [-alias <alias>] [-file <cert_file>]
             [-keystore <keystore>] [-storepass <storepass>]
             [-storetype <storetype>] [-providername <name>]
             [-providerclass <provider_class_name> [-providerarg <arg>]] ...
             [-providerpath <pathlist>]


-genkeypair  [-v] [-protected]
             [-alias <alias>]
             [-keyalg <keyalg>] [-keysize <keysize>]
             [-sigalg <sigalg>] [-dname <dname>]
             [-validity <valDays>] [-keypass <keypass>]
             [-keystore <keystore>] [-storepass <storepass>]
             [-storetype <storetype>] [-providername <name>]
             [-providerclass <provider_class_name> [-providerarg <arg>]] ...
             [-providerpath <pathlist>]


-genseckey   [-v] [-protected]
             [-alias <alias>] [-keypass <keypass>]
             [-keyalg <keyalg>] [-keysize <keysize>]
             [-keystore <keystore>] [-storepass <storepass>]
             [-storetype <storetype>] [-providername <name>]
             [-providerclass <provider_class_name> [-providerarg <arg>]] ...
             [-providerpath <pathlist>]


-help


-importcert  [-v] [-noprompt] [-trustcacerts] [-protected]
             [-alias <alias>]
             [-file <cert_file>] [-keypass <keypass>]
             [-keystore <keystore>] [-storepass <storepass>]
             [-storetype <storetype>] [-providername <name>]
             [-providerclass <provider_class_name> [-providerarg <arg>]] ...
             [-providerpath <pathlist>]


-importkeystore [-v]
             [-srckeystore <srckeystore>] [-destkeystore <destkeystore>]
             [-srcstoretype <srcstoretype>] [-deststoretype <deststoretype>]
             [-srcstorepass <srcstorepass>] [-deststorepass <deststorepass>]
             [-srcprotected] [-destprotected]
             [-srcprovidername <srcprovidername>]
             [-destprovidername <destprovidername>]
             [-srcalias <srcalias> [-destalias <destalias>]
               [-srckeypass <srckeypass>] [-destkeypass <destkeypass>]]
             [-noprompt]
             [-providerclass <provider_class_name> [-providerarg <arg>]] ...
             [-providerpath <pathlist>]


-keypasswd   [-v] [-alias <alias>]
             [-keypass <old_keypass>] [-new <new_keypass>]
             [-keystore <keystore>] [-storepass <storepass>]
             [-storetype <storetype>] [-providername <name>]
             [-providerclass <provider_class_name> [-providerarg <arg>]] ...
             [-providerpath <pathlist>]


-list        [-v | -rfc] [-protected]
             [-alias <alias>]
             [-keystore <keystore>] [-storepass <storepass>]
             [-storetype <storetype>] [-providername <name>]
             [-providerclass <provider_class_name> [-providerarg <arg>]] ...
             [-providerpath <pathlist>]


-printcert   [-v] [-file <cert_file>]


-storepasswd [-v] [-new <new_storepass>]
             [-keystore <keystore>] [-storepass <storepass>]
             [-storetype <storetype>] [-providername <name>]
             [-providerclass <provider_class_name> [-providerarg <arg>]] ...
             [-providerpath <pathlist>]


C:\keystores>keytool -alias vault -keyalg RSA -keysize 1024 -keystore vault.keys
tore
Usage error: no command provided
Try keytool -help


C:\keystores>keytool -genkey -alias vault -keyalg RSA -keysize 1024 -keystore va
ult.keystore
Enter keystore password:
Re-enter new password:
What is your first and last name?
  [Unknown]:  PicketBox Vault
What is the name of your organizational unit?
  [Unknown]:  PicketBox
What is the name of your organization?
  [Unknown]:  JBoss
What is the name of your City or Locality?
  [Unknown]:  Chicago
What is the name of your State or Province?
  [Unknown]:  IL
What is the two-letter country code for this unit?
  [Unknown]:  US
Is CN=PicketBox Vault, OU=PicketBox, O=JBoss, L=Chicago, ST=IL, C=US correct?
  [no]:  yes


Enter key password for <vault>
        (RETURN if same as keystore password):


C:\keystores>
C:\keystores>dir
 Volume in drive C is  

 Directory of C:\keystores 

03/26/2012  11:58 AM    <DIR>          .
03/26/2012  11:58 AM    <DIR>          ..
03/26/2012  11:58 AM             1,359 vault.keystore



That is it.
--------------------------------------------------------------

Comment by going to Community
[https://community.jboss.org/docs/DOC-17763]

Create a new document in JBoss AS 7 Development at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=102&containerType=14&container=2225]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-dev-forums/attachments/20120326/5e855298/attachment.html

More information about the jboss-dev-forums mailing list