Subhobroto Roy

Reputation: 3

How to create keystore and truststore files from the Amazon RDS root CA certificate to set up a TCPS connection from Java code

I want to connect to Oracle RDS on AWS using a secured TCPS connection. I have followed "Setting Up an SSL Connection Over JDBC" in the https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.Options.SSL.html#Appendix.Oracle.Options.SSL.TLS document. As per the doc I need to add only a truststore file, but as I am getting a connection reset issue, after going through a couple of blogs I realised that I should have added both truststore and keystore files. Can anyone please help me generate truststore and keystore files from the https://s3.amazonaws.com/rds-downloads/rds-ca-2015-root.pem PEM file?

Upvotes: 0

Views: 3347

Answers (1)

Alexey Markevich

Reputation: 13

It's enough to put the AWS certificates in the truststore: Certificate bundles by AWS Region

For Java containers it can be done using the following command (eu-west-1 region):

RUN wget https://truststore.pki.rds.amazonaws.com/eu-west-1/eu-west-1-bundle.pem -O - | keytool -import -trustcacerts -cacerts -storepass changeit -noprompt -alias eu-west-1-bundle

Upvotes: 0
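When `keytool` imports a PEM file as a trusted certificate entry it reads only the first certificate, so a regional bundle piped in whole adds a single CA. The script below is an added example, not part of the answer above: it splits the bundle and imports each certificate under its own alias (the function names, the `rds-` alias prefix and the script file name are assumptions).

```shell
#!/bin/sh
# Added example: function names, file names and alias prefix are hypothetical.

# split_pem_bundle BUNDLE OUTDIR: write each certificate to OUTDIR/cert-NNN.pem,
# print how many were found; fail if the last certificate is cut off.
split_pem_bundle() {
    mkdir -p "$2" || return 1
    awk -v dir="$2" '
        /-----BEGIN CERTIFICATE-----/ {
            n++; inside = 1
            out = sprintf("%s/cert-%03d.pem", dir, n)
        }
        inside { print > out }
        /-----END CERTIFICATE-----/ { inside = 0; close(out) }
        END {
            if (inside) { print "truncated certificate in bundle" > "/dev/stderr"; exit 1 }
            print n + 0
        }
    ' "$1"
}

# import_bundle BUNDLE STOREPASS: import every certificate into the JDK cacerts
# store under its own alias, and print the number imported.
import_bundle() {
    workdir=$(mktemp -d) || return 1
    count=$(split_pem_bundle "$1" "$workdir") || { rm -rf "$workdir"; return 1; }
    if [ "$count" -eq 0 ]; then
        echo "no certificates found in $1" >&2
        rm -rf "$workdir"; return 1
    fi
    for cert in "$workdir"/cert-*.pem; do
        cert_alias="rds-$(basename "$cert" .pem)"
        keytool -importcert -trustcacerts -cacerts -storepass "$2" -noprompt \
            -alias "$cert_alias" -file "$cert" >&2 || { rm -rf "$workdir"; return 1; }
    done
    rm -rf "$workdir"
    echo "$count"
}

# Usage: sh import-rds-bundle.sh eu-west-1-bundle.pem changeit
if [ "$#" -ge 2 ]; then
    import_bundle "$1" "$2"
fi
```

Saving the bundle to a file before importing, rather than piping the download straight into `keytool`, lets the build fail when the download is empty or cut short.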
