User Tools

Site Tools


keytool

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Last revision Both sides next revision
keytool [2011/04/28 02:42]
k2patel created
keytool [2011/04/28 02:44]
k2patel
Line 7: Line 7:
  
 Generate a Java keystore and key pair Generate a Java keystore and key pair
 +<code java>
 keytool -genkey -alias mydomain -keyalg RSA -keystore keystore.jks -keysize 2048 keytool -genkey -alias mydomain -keyalg RSA -keystore keystore.jks -keysize 2048
 +</​code>​
  
 Generate a certificate signing request (CSR) for an existing Java keystore Generate a certificate signing request (CSR) for an existing Java keystore
 +<code java>
 keytool -certreq -alias mydomain -keystore keystore.jks -file mydomain.csr keytool -certreq -alias mydomain -keystore keystore.jks -file mydomain.csr
 +</​code>​
  
 Import a root or intermediate CA certificate to an existing Java keystore Import a root or intermediate CA certificate to an existing Java keystore
 +<code java>
 keytool -import -trustcacerts -alias root -file Thawte.crt -keystore keystore.jks keytool -import -trustcacerts -alias root -file Thawte.crt -keystore keystore.jks
 +</​code>​
  
 Import a signed primary certificate to an existing Java keystore Import a signed primary certificate to an existing Java keystore
 +<code java>
 keytool -import -trustcacerts -alias mydomain -file mydomain.crt -keystore keystore.jks keytool -import -trustcacerts -alias mydomain -file mydomain.crt -keystore keystore.jks
 +</​code>​
  
 Generate a keystore and self-signed certificate (see How to Create a Self Signed Certificate using Java Keytool for more info) Generate a keystore and self-signed certificate (see How to Create a Self Signed Certificate using Java Keytool for more info)
 +<code java>
 keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass password -validity 360 -keysize 2048 keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass password -validity 360 -keysize 2048
 +</​code>​
  
 ==== Java Keytool Commands for Checking ==== ==== Java Keytool Commands for Checking ====
Line 27: Line 37:
  
 Check a stand-alone certificate Check a stand-alone certificate
 +<code java>
 keytool -printcert -v -file mydomain.crt keytool -printcert -v -file mydomain.crt
 +</​code>​
  
 Check which certificates are in a Java keystore Check which certificates are in a Java keystore
 +<code java>
 keytool -list -v -keystore keystore.jks keytool -list -v -keystore keystore.jks
 +</​code>​
  
 Check a particular keystore entry using an alias Check a particular keystore entry using an alias
 +<code java>
 keytool -list -v -keystore keystore.jks -alias mydomain keytool -list -v -keystore keystore.jks -alias mydomain
 +</​code>​
  
 ==== Other Java Keytool Commands ==== ==== Other Java Keytool Commands ====
Line 39: Line 55:
  
 Delete a certificate from a Java Keytool keystore Delete a certificate from a Java Keytool keystore
 +<code java>
 keytool -delete -alias mydomain -keystore keystore.jks keytool -delete -alias mydomain -keystore keystore.jks
 +</​code>​
  
 Change a Java keystore password Change a Java keystore password
 +<code java>
 keytool -storepasswd -new new_storepass -keystore keystore.jks keytool -storepasswd -new new_storepass -keystore keystore.jks
 +</​code>​
  
 Export a certificate from a keystore Export a certificate from a keystore
 +<code java>
 keytool -export -alias mydomain -file mydomain.crt -keystore keystore.jks keytool -export -alias mydomain -file mydomain.crt -keystore keystore.jks
 +</​code>​
  
 List Trusted CA Certs List Trusted CA Certs
 +<code java>
 keytool -list -v -keystore $JAVA_HOME/​jre/​lib/​security/​cacerts keytool -list -v -keystore $JAVA_HOME/​jre/​lib/​security/​cacerts
 +</​code>​
  
 Import New CA into Trusted Certs Import New CA into Trusted Certs
 +<code java>
 keytool -import -trustcacerts -file /​path/​to/​ca/​ca.pem -alias CA_ALIAS -keystore $JAVA_HOME/​jre/​lib/​security/​cacerts keytool -import -trustcacerts -file /​path/​to/​ca/​ca.pem -alias CA_ALIAS -keystore $JAVA_HOME/​jre/​lib/​security/​cacerts
keytool.txt ยท Last modified: 2011/04/28 02:45 by k2patel