Keystores used for the JSSE regression test suite. keystore truststore ========== These are the primary two keystores and contain entries for testing most of the JSSE regression test files. There are three entries, one RSA-based, one DSA-based and one EC-based. If they expire, simply recreate them using keytool and most of the test cases should work. The password on both files is: passphrase There are no individual key entry passwords at this time. keystore entries ================ Alias name: dummy ----------------- Creation date: May 16, 2016 Entry type: PrivateKeyEntry Certificate chain length: 1 Certificate[1]: Owner: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US Issuer: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US Serial number: 57399b87 Valid from: Mon May 16 10:06:38 UTC 2016 until: Sat May 16 10:06:38 UTC 2026 Signature algorithm name: SHA256withRSA Version: 1 This can be generated using hacked (update the keytool source code so that it can be used for version 1 X.509 certificate) keytool command: % keytool -genkeypair -alias dummy -keyalg RSA -keysize 2048 \ -sigalg SHA256withRSA \ -dname "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US" \ -validity 3652 -keypass passphrase -keystore keystore -storepass passphrase Alias name: dummyecdsa ---------------------- Creation date: May 16, 2016 Entry type: PrivateKeyEntry Certificate chain length: 1 Certificate[1]: Owner: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US Issuer: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US Serial number: 57399c1d Valid from: Mon May 16 10:09:01 UTC 2016 until: Sat May 16 10:09:01 UTC 2026 Signature algorithm name: SHA256withECDSA Version: 1 This can be generated using hacked (update the keytool source code so that it can be used for version 1 X.509 certificate) keytool command: % keytool -genkeypair -alias dummy -keyalg EC -keysize 256 \ -sigalg SHA256withECDSA \ -dname "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US" \ -validity 3652 -keypass passphrase -keystore keystore -storepass passphrase Alias name: dummydsa -------------------- Creation date: Mar 29, 2018 Entry type: PrivateKeyEntry Certificate chain length: 1 Certificate[1]: Owner: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US Issuer: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US Serial number: 324d85f0 Valid from: Thu Mar 29 16:06:34 PDT 2018 until: Tue Mar 28 16:06:34 PDT 2028 Signature algorithm name: SHA256withDSA Version: 3 This can be generated using hacked (update the keytool source code so that it can be used for version 1 X.509 certificate) keytool command: % keytool -genkeypair -alias dummydsa -keyalg DSA -keysize 1024 \ -sigalg SHA256withDSA \ -dname "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US" \ -validity 3652 -keypass passphrase -keystore keystore -storepass passphrase Alias name: dummyecrsa -------------------- Creation date: Apr 13, 2018 Entry type: PrivateKeyEntry Certificate chain length: 2 Certificate[1]: Owner: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US Issuer: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US Serial number: 6f2d1faa Valid from: Fri Apr 13 16:20:55 CST 2018 until: Wed Apr 12 16:20:55 CST 2028 Version: 3 This can be generated by using keytool command: % keytool -genkeypair -alias dummyecrsa -keyalg EC -keysize 256 \ -keypass passphrase -storepass passphrase -keystore keystore \ -dname "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US" % keytool -certreq -alias dummyecrsa -storepass passphrase -keystore keystore \ -file ecrsa.csr % keytool -gencert -alias dummy -storepass passphrase -keystore keystore \ -validity 3652 -infile ecrsa.csr -outfile ecrsa.cer % keytool -importcert -alias dummyecrsa -storepass passphrase -keystore keystore \ -file ecrsa.cer truststore entries ================== This key store contains only trusted certificate entries. The same certificates, except dummyecrsa, are used in both keystore and truststore. unknown_keystore ================ A keystore you can use when you don't want things to be verified. Use this with keystore/truststore, and you'll never get a match.