Creating self-signed certificates for Java Keystore

Stories about project management and coding

Creating self-signed certificates for Java Keystore

I recently came across a project that required to use HTTPS on the backend side and I wanted to have HTTPS in the DEV environment.
Most people would ask “Why the hell would you use TLS for local tests?” – well, I just want to handle HTTPS problems as soon as possible during development.

The method described here uses openssl to generate the key and sign it. I’m aware that you can do this using Javas Keystore alone, but I wanted to show you another method, mostly for people like me – I’m just used to using openssl for this purpose.


If you’ve ever generated a CSR to buy a SSL Certificate or used to sign your own certs for things like Apache, you can see the only interesting part here is the export in PKCS12 format.

You can now use this keystore is stuff like Jetty, see my Alexa Backend post for an example.

Tags: , , ,

2 Responses

  1. Adrian Smith says:

    I consider keystore extremely scary in general, howtos on this issue are greatly appreciated.

  2. […] production environment. Either disable the SSL configuration or quickly head over to my article on creating self-signed certificates for Javas Keystore. Then make sure the following lines reflect your keystore location and password (notice that it […]

Leave a Reply

Your email address will not be published. Required fields are marked *