JBoss Community

AS7 Password Vault on Windows

created by Anil Saldhana in JBoss AS 7 Development

Reference: https://community.jboss.org/wiki/JBossAS7SecuringPasswords

 

What do we need?

  1. JDK installation
  2. Setting the JAVA_HOME environment variable
  3. Creating a KeyStore
  4. JBoss AS 7.1.x installation

 

 

Step 1  JDK Installation

Please go to http://java.com and download the JDK installer for Windows. (Remember, you need the JDK and not the JRE.)

I tested this on Windows 7.  I downloaded and installed JDK 1.6.0_31 from http://www.oracle.com/technetwork/java/javase/downloads/jdk-6u31-download-1501634.html

I installed JDK6 in the c:\Java directory.

 

Step 2  Setting of JAVA_HOME Environment Variable

I tested this on Windows 7, so your mileage may vary depending on whether you are on XP, Vista, Win7 etc. Please google and you will find instructions for your version of Windows. They are pretty close.

 

  • I went to Control Panel.
  • Searched for "Environment".
  • Chose "Edit the system environment variables".
  • I went into Advanced -> Environment Variables.
  • I created a new environment variable called JAVA_HOME and set the value to c:\Java\jdk1.6.0_31
  • In the PATH environment variable, I appended %JAVA_HOME%\bin; (remember to add ; at the end)
  • Run -> cmd
  • Type java and you should see a bunch of options rather than "Java is not recognized".

 

Step 3  Create a Keystore

 

I created a directory called keystores in c:\

 

 

C:\>md keystores


C:\>cd keystores


C:\keystores>keytool
keytool usage:


-certreq     [-v] [-protected]
             [-alias <alias>] [-sigalg <sigalg>]
             [-file <csr_file>] [-keypass <keypass>]
             [-keystore <keystore>] [-storepass <storepass>]
             [-storetype <storetype>] [-providername <name>]
             [-providerclass <provider_class_name> [-providerarg <arg>]] ...
             [-providerpath <pathlist>]


-changealias [-v] [-protected] -alias <alias> -destalias <destalias>
             [-keypass <keypass>]
             [-keystore <keystore>] [-storepass <storepass>]
             [-storetype <storetype>] [-providername <name>]
             [-providerclass <provider_class_name> [-providerarg <arg>]] ...
             [-providerpath <pathlist>]


-delete      [-v] [-protected] -alias <alias>
             [-keystore <keystore>] [-storepass <storepass>]
             [-storetype <storetype>] [-providername <name>]
             [-providerclass <provider_class_name> [-providerarg <arg>]] ...
             [-providerpath <pathlist>]


-exportcert  [-v] [-rfc] [-protected]
             [-alias <alias>] [-file <cert_file>]
             [-keystore <keystore>] [-storepass <storepass>]
             [-storetype <storetype>] [-providername <name>]
             [-providerclass <provider_class_name> [-providerarg <arg>]] ...
             [-providerpath <pathlist>]


-genkeypair  [-v] [-protected]
             [-alias <alias>]
             [-keyalg <keyalg>] [-keysize <keysize>]
             [-sigalg <sigalg>] [-dname <dname>]
             [-validity <valDays>] [-keypass <keypass>]
             [-keystore <keystore>] [-storepass <storepass>]
             [-storetype <storetype>] [-providername <name>]
             [-providerclass <provider_class_name> [-providerarg <arg>]] ...
             [-providerpath <pathlist>]


-genseckey   [-v] [-protected]
             [-alias <alias>] [-keypass <keypass>]
             [-keyalg <keyalg>] [-keysize <keysize>]
             [-keystore <keystore>] [-storepass <storepass>]
             [-storetype <storetype>] [-providername <name>]
             [-providerclass <provider_class_name> [-providerarg <arg>]] ...
             [-providerpath <pathlist>]


-help


-importcert  [-v] [-noprompt] [-trustcacerts] [-protected]
             [-alias <alias>]
             [-file <cert_file>] [-keypass <keypass>]
             [-keystore <keystore>] [-storepass <storepass>]
             [-storetype <storetype>] [-providername <name>]
             [-providerclass <provider_class_name> [-providerarg <arg>]] ...
             [-providerpath <pathlist>]


-importkeystore [-v]
             [-srckeystore <srckeystore>] [-destkeystore <destkeystore>]
             [-srcstoretype <srcstoretype>] [-deststoretype <deststoretype>]
             [-srcstorepass <srcstorepass>] [-deststorepass <deststorepass>]
             [-srcprotected] [-destprotected]
             [-srcprovidername <srcprovidername>]
             [-destprovidername <destprovidername>]
             [-srcalias <srcalias> [-destalias <destalias>]
               [-srckeypass <srckeypass>] [-destkeypass <destkeypass>]]
             [-noprompt]
             [-providerclass <provider_class_name> [-providerarg <arg>]] ...
             [-providerpath <pathlist>]


-keypasswd   [-v] [-alias <alias>]
             [-keypass <old_keypass>] [-new <new_keypass>]
             [-keystore <keystore>] [-storepass <storepass>]
             [-storetype <storetype>] [-providername <name>]
             [-providerclass <provider_class_name> [-providerarg <arg>]] ...
             [-providerpath <pathlist>]


-list        [-v | -rfc] [-protected]
             [-alias <alias>]
             [-keystore <keystore>] [-storepass <storepass>]
             [-storetype <storetype>] [-providername <name>]
             [-providerclass <provider_class_name> [-providerarg <arg>]] ...
             [-providerpath <pathlist>]


-printcert   [-v] [-file <cert_file>]


-storepasswd [-v] [-new <new_storepass>]
             [-keystore <keystore>] [-storepass <storepass>]
             [-storetype <storetype>] [-providername <name>]
             [-providerclass <provider_class_name> [-providerarg <arg>]] ...
             [-providerpath <pathlist>]


C:\keystores>keytool -alias vault -keyalg RSA -keysize 1024 -keystore vault.keystore
Usage error: no command provided
Try keytool -help


C:\keystores>keytool -genkey -alias vault -keyalg RSA -keysize 1024 -keystore vault.keystore
Enter keystore password:
Re-enter new password:
What is your first and last name?
  [Unknown]:  PicketBox Vault
What is the name of your organizational unit?
  [Unknown]:  PicketBox
What is the name of your organization?
  [Unknown]:  JBoss
What is the name of your City or Locality?
  [Unknown]:  Chicago
What is the name of your State or Province?
  [Unknown]:  IL
What is the two-letter country code for this unit?
  [Unknown]:  US
Is CN=PicketBox Vault, OU=PicketBox, O=JBoss, L=Chicago, ST=IL, C=US correct?
  [no]:  yes


Enter key password for <vault>
        (RETURN if same as keystore password):


C:\keystores>
C:\keystores>dir
 Volume in drive C is  

 Directory of C:\keystores 

03/26/2012  11:58 AM    <DIR>          .
03/26/2012  11:58 AM    <DIR>          ..
03/26/2012  11:58 AM             1,359 vault.keystore

 

 

That is it.
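
Steps 2 and 3 as a single batch script, added here as an example (not part of the original document or of JBoss/PicketBox). It keeps the walkthrough's alias, path and distinguished name; the 2048-bit key size (instead of the 1024 bits used in the session above), the 730-day validity and the icacls lock-down of C:\keystores are this example's own choices. keytool still prompts for the passwords, so they never appear on the command line.

```bat
@echo off
rem Added example: create and verify the vault keystore with restricted ACLs.
rem Assumptions: path, alias and DN follow the walkthrough; key size,
rem validity and the ACL policy are choices made for this example.
setlocal

if not defined JAVA_HOME goto :no_java
if not exist "%JAVA_HOME%\bin\keytool.exe" goto :no_keytool

set "KS_DIR=C:\keystores"
set "KS_FILE=%KS_DIR%\vault.keystore"

rem Never overwrite an existing keystore silently.
if exist "%KS_FILE%" goto :exists
if not exist "%KS_DIR%" md "%KS_DIR%"

rem Lock the directory down before key material is written: remove inherited
rem permissions and grant full control to the current user only. If JBoss AS
rem runs under a different account, grant that account read access as well.
icacls "%KS_DIR%" /inheritance:r /grant:r "%USERDOMAIN%\%USERNAME%:(OI)(CI)F" || goto :failed

rem -storepass and -keypass are omitted on purpose so keytool prompts for them.
"%JAVA_HOME%\bin\keytool" -genkeypair -alias vault -keyalg RSA -keysize 2048 ^
    -validity 730 ^
    -dname "CN=PicketBox Vault, OU=PicketBox, O=JBoss, L=Chicago, ST=IL, C=US" ^
    -keystore "%KS_FILE%" || goto :failed

rem Confirm the entry exists and review its algorithm and validity dates.
"%JAVA_HOME%\bin\keytool" -list -v -alias vault -keystore "%KS_FILE%" || goto :failed

rem Show the effective permissions on the keystore file.
icacls "%KS_FILE%"
exit /b 0

:no_java
echo JAVA_HOME is not set. Complete Step 2 first.
exit /b 1
:no_keytool
echo keytool.exe was not found under JAVA_HOME\bin.
exit /b 1
:exists
echo The keystore already exists. Move it aside before creating a new one.
exit /b 1
:failed
echo A command failed. Review the output above.
exit /b 1
```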
