Problem

How to check the certificate expiration date in the JKS file

Resolution

In the installation of our products, we are providing a version of an JRE (java).

In this folder there is a tool that could be used to verify the expiration date and the validity period of the certificate:

For Unix:

<Axway>/Java/<os>/<jre_version>/bin/keytool -v -list -keystore <Axway>/passport/conf/security/ssl.jks

For Windows:
<Axway>\Java\windows-x86\<jre_version>\bin\keytool.exe -v -list -keystore <Axway>\passport\conf\security\ssl.jks

See below the output of the command when the certificate is updated (No password is needed for the keytool list).

If you have any else for the passportsecured alias (SSL certificate), then it means that you have not applied/using the latest default sample SSL certificate delivered by Axway.

***************** WARNING WARNING WARNING *****************

* The integrity of the information stored in your keystore *

* has NOT been verified! In order to verify its integrity, *

* you must provide your keystore password. *

***************** WARNING WARNING WARNING *****************

Keystore type: JKS

Keystore provider: SUN

Your keystore contains 1 entry

Alias name: passportsecured

Creation date: Mar 14, 2019

Entry type: PrivateKeyEntry

Certificate chain length: 1

Certificate[1]:

Owner: CN=passport, OU=R&D, O=Axway, L=Bucharest, C=RO

Issuer: CN=PassPort, OU=R&D, O=Axway, L=Bucharest, C=RO

Serial number: 64444d7ff2d08dcf

Valid from: Thu Mar 14 01:00:00 CET 2019 until: Thu Mar 14 00:59:59 CET 2024

Certificate fingerprints:

MD5: 65:77:7F:47:DB:7B:28:32:13:6B:B2:9B:09:D2:CC:F3

SHA1: 4C:19:F9:3C:3D:C8:DB:1C:AE:DA:0C:99:11:42:80:1C:B1:4A:28:E6

SHA256: 9C:9F:F2:BF:BC:7D:20:40:6A:A6:4B:0A:02:95:47:F6:98:78:65:CD:88:7A:AA:B0:9C:15:D3:B6:F4:FC:B2:F3

Signature algorithm name: SHA256withRSA

Subject Public Key Algorithm: 2048-bit RSA key

Version: 3