Trenutna datoteka za test:
truststore.bks
trustpass



PRIMER IZDELAVE truststore.bks:

V aplikaciji mora biti truststore s certifikatom za FURS strežnik.

1) Najprej ustvari truststore:

keytool -genkey -alias testAlias -keystore truststore.bks -storepass trustpass -storetype BKS -provider org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath /home/matjaz/.m2/repository/org/bouncycastle/bcprov-jdk16/1.46/bcprov-jdk16-1.46.jar
What is your first and last name?
  [Unknown]:  Matjaz Kranjc
What is the name of your organizational unit?
  [Unknown]:
What is the name of your organization?
  [Unknown]:  LunaLabs
What is the name of your City or Locality?
  [Unknown]:
What is the name of your State or Province?
  [Unknown]:
What is the two-letter country code for this unit?
  [Unknown]:  SI
Is CN=Matjaz Kranjc, OU=Unknown, O=LunaLabs, L=Unknown, ST=Unknown, C=SI correct?
  [no]:  yes

Enter key password for <testAlias>
	(RETURN if same as keystore password):

Ustvarjena je datoteka:
-rw-r--r-- 1 matjaz matjaz 1995 jul 28 12:55 truststore.bks


V truststore dodaj certifikat za verifikacijo FURS strežnika
keytool -import -alias testtlscer -keystore truststore.bks -trustcacerts -file blagajne-test.fu.gov.si.cer -storetype BKS -provider org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath /home/matjaz/.m2/repository/org/bouncycastle/bcprov-jdk16/1.46/bcprov-jdk16-1.46.jar

Primer je za testni stežnik!


PREGLED CERTIFIKATA IN VELJAVNOSTI:

1) Pregled .cer/.crt datoteke (osnovne informacije):
openssl x509 -in certifikat.cer -text -noout | head -20

2) Pregled samo veljavnosti certifikata:
openssl x509 -in certifikat.cer -noout -dates

   Primer izpisa:
   notBefore=Jul  2 08:34:36 2025 GMT
   notAfter=Jul  2 09:04:36 2030 GMT

3) Pregled izdajatelja in subjekta:
openssl x509 -in certifikat.cer -noout -subject -issuer

4) Pregled vsebine BKS truststora:
keytool -list -keystore truststore.bks -storetype BKS -provider org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath /home/matjaz/.m2/repository/org/bouncycastle/bcprov-jdk16/1.46/bcprov-jdk16-1.46.jar -storepass trustpass

5) Podroben pregled posameznega certifikata v BKS truststoru:
keytool -list -v -alias ALIAS_IME -keystore truststore.bks -storetype BKS -provider org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath /home/matjaz/.m2/repository/org/bouncycastle/bcprov-jdk16/1.46/bcprov-jdk16-1.46.jar -storepass trustpass
