title: Keystore Explorer for Linux link: https://onemoretech.wordpress.com/2015/02/16/keystore-explorer-for-linux/ author: phil2nc description: post_id: 9293 created: 2015/02/16 10:09:52 created_gmt: 2015/02/16 15:09:52 comment_status: closed post_name: keystore-explorer-for-linux status: publish post_type: post

Keystore Explorer for Linux

Keystore Explorer (KSE) is one of those rare gui utilities I can find myself wholeheartedly endorsing. If you work with a menagerie of Java trust and key stores, it may just be the thing that saves your sanity. Juggling SSL certificates for Java based applications can be tedious when all you have to work with is Oracle's keytool (a utility I've used in many previous projects, like this. I'm generally not a fan of gui tools, even on Windows, but recently I found myself mucking around in multiple Java key and trust stores in testing and found the open source KSE to be a godsend. NOTE: Portecle is an open source alternative to KSE that is already in the Fedora repositories. It uses the Java-based Bouncycastle crypto libraries that are also open source (and in the Fedora yum repo!). Not as pretty as KSE to look at, but a good substitute nonetheless if you don't want to go messing with creating .desktop files and symlinks. KSE is written in Java and its website includes downloads for Windows and Mac OSX users, but a simple .zip for everyone else. That's actually OK with me, as I've found that simple archives of many Java applications work better than the packages usually churned out for various Linux distributions. To install KSE on a Fedora Linux workstation or server running the Gnome desktop, simply download the .zip file and unarchive it to somewhere like /opt/kse. Next, modify the included kse.sh script as follows: [code language="bash" gutter="false"] #!/bin/bash # Oracle/OpenJDK JRE version 1.6+ has to be present on your path # OR in a directory called "jre" in the same directory as this script JRE_HOME=/usr/lib/jvm/jre cd /opt/kse if [ -d "jre" ]; then ./jre/bin/java -jar kse.jar else java -jar kse.jar fi [/code] With Java desktop apps on Linux I've usually found that (a) explicitly mapping the JRE or JAVA home variable; and (b) starting the app in the program's own directory works best. Make a symlink from the script to a bin directory in the PATH for all users: [code language="bash" gutter="false"] ln -s /opt/kse/kse.sh /usr/local/bin/kse [/code] Create a kse.desktop file so that it will be displayed on the Gnome menu, and copy it into /usr/share/applications: [code language="bash" gutter="false"] [Desktop Entry] Name=KeyStore Explorer Comment=Manage Java Keystores Terminal=false Exec=/opt/kse/kse.sh Type=Application Icon=/usr/share/pixmaps/keys.png Categories=Development;Java [/code] Note: I stole the keys.png file from Gnome's Seahorse key manager. The tool's operation is pretty intuitive, although I'd recommend reading the Release Notes .

Copyright 2004-2019 Phil Lembo