Requirement for a TLS connection
Keystore and Truststore
To use TLS in version 1.3, we need a keystore and a truststore. Both are given to the VM.
-Djavax.net.ssl.keyStore=c:\work\serverkeystore.jks -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStore=c:\work\clienttruststore.jks -Djavax.net.ssl.trustStorePassword=password
To create the two files (for development purposes) we use the Java keytool. For production, one certainly uses purchased certificates.
// Create keystore with certificate keytool -genkey -keypass password -storepass password-keyalg RSA -keystore serverkeystore.jks // Export certificate (Creates a server.cer file) keytool -export -storepass password -file server.cer -keystore serverkeystore.jks // Create truststore keytool -import -v -trustcacerts -file server.cer -keypass password -storepass password -keystore clienttruststore.jks
It is important here to use the