Keystore Explorer (KSE) is one of those rare gui utilities I can find myself wholeheartedly endorsing. If you work with a menagerie of Java trust and key stores, it may just be the thing that saves your sanity.
Juggling SSL certificates for Java based applications can be tedious when all you have to work with is Oracle’s keytool (a utility I’ve used in many previous projects, like this.
I’m generally not a fan of gui tools, even on Windows, but recently I found myself mucking around in multiple Java key and trust stores in testing and found the open source KSE to be a godsend.
NOTE: Portecle is an open source alternative to KSE that is already in the Fedora repositories. It uses the Java-based Bouncycastle crypto libraries that are also open source (and in the Fedora yum repo!). Not as pretty as KSE to look at, but a good substitute nonetheless if you don’t want to go messing with creating .desktop files and symlinks.
KSE is written in Java and its website includes downloads for Windows and Mac OSX users, but a simple .zip for everyone else. That’s actually OK with me, as I’ve found that simple archives of many Java applications work better than the packages usually churned out for various Linux distributions.
To install KSE on a Fedora Linux workstation or server running the Gnome desktop, simply download the .zip file and unarchive it to somewhere like /opt/kse.
Next, modify the included kse.sh script as follows:
#!/bin/bash # Oracle/OpenJDK JRE version 1.6+ has to be present on your path # OR in a directory called "jre" in the same directory as this script JRE_HOME=/usr/lib/jvm/jre cd /opt/kse if [ -d "jre" ]; then ./jre/bin/java -jar kse.jar else java -jar kse.jar fi
With Java desktop apps on Linux I’ve usually found that (a) explicitly mapping the JRE or JAVA home variable; and (b) starting the app in the program’s own directory works best.
Make a symlink from the script to a bin directory in the PATH for all users:
ln -s /opt/kse/kse.sh /usr/local/bin/kse
Create a kse.desktop file so that it will be displayed on the Gnome menu, and copy it into /usr/share/applications:
[Desktop Entry] Name=KeyStore Explorer Comment=Manage Java Keystores Terminal=false Exec=/opt/kse/kse.sh Type=Application Icon=/usr/share/pixmaps/keys.png Categories=Development;Java
Note: I stole the keys.png file from Gnome’s Seahorse key manager.
The tool’s operation is pretty intuitive, although I’d recommend reading the Release Notes .