Java Reference
In-Depth Information
An
ArrayList
is created containing
SNIServerName
objects that each indic-
ate a valid server name. In the example, one
SNIServerName
object is added to the
list. A list of valid servers is then passed to the
SSLParamet-
ers.setServerNames()
method.
22-3. Specifying a Keystore Password
Problem
You want to secure an SSL keystore with an additional password for added security.
Solution
Specify the new
importpassword
command option when creating a keystore.
keytool -genkey -alias java8recipes -keyalg RSA -keystore
keystore.jks -keysize 2048
Use the following to import a passphrase:
keytool -importpassword -alias java8recipes
How It Works
The keytool utility's new
-importpassword
command allows you to store a pass-
phrase in the new
KeyStore.SecretKeyEntry
. This password provides another
level of security beyond the standard keypass because the keypass is used to protect it.
When users issue this command, they must provide the
-keypass
option along with
the keystore password, otherwise they will be prompted for it.
22-4. Generating the Strongest Random
Number Possible