com.r3corda.core.crypto / X509Utilities / createCAKeyStoreAndTrustStore

createCAKeyStoreAndTrustStore

fun createCAKeyStoreAndTrustStore(keyStoreFilePath: Path, storePassword: String, keyPassword: String, trustStoreFilePath: Path, trustStorePassword: String): KeyStore

All in one wrapper to manufacture a root CA cert and an Intermediate CA cert. Normally this would be run once and then the outputs would be re-used repeatedly to manufacture the server certs

Parameters

keyStoreFilePath - The output KeyStore path to publish the private keys of the CA root and intermediate certs into.

storePassword - The storage password to protect access to the generated KeyStore and public certificates

keyPassword - The password that protects the CA private keys. Unlike the SSL libraries that tend to assume the password is the same as the keystore password. These CA private keys should be protected more effectively with a distinct password.

trustStoreFilePath - The output KeyStore to place the Root CA public certificate, which can be used as an SSL truststore

trustStorePassword - The password to protect the truststore

Return
The KeyStore object that was saved to file