Debian DokuWiki

User Tools

Site Tools

Trace:
keytool

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
Last revisionBoth sides next revision
keytool [2011/04/28 06:42] – created k2patelkeytool [2011/04/28 06:45] k2patel
Line 7: Line 7:
  
 Generate a Java keystore and key pair Generate a Java keystore and key pair
 +<code java>
 keytool -genkey -alias mydomain -keyalg RSA -keystore keystore.jks -keysize 2048 keytool -genkey -alias mydomain -keyalg RSA -keystore keystore.jks -keysize 2048
 +</code>
  
 Generate a certificate signing request (CSR) for an existing Java keystore Generate a certificate signing request (CSR) for an existing Java keystore
 +<code java>
 keytool -certreq -alias mydomain -keystore keystore.jks -file mydomain.csr keytool -certreq -alias mydomain -keystore keystore.jks -file mydomain.csr
 +</code>
  
 Import a root or intermediate CA certificate to an existing Java keystore Import a root or intermediate CA certificate to an existing Java keystore
 +<code java>
 keytool -import -trustcacerts -alias root -file Thawte.crt -keystore keystore.jks keytool -import -trustcacerts -alias root -file Thawte.crt -keystore keystore.jks
 +</code>
  
 Import a signed primary certificate to an existing Java keystore Import a signed primary certificate to an existing Java keystore
 +<code java>
 keytool -import -trustcacerts -alias mydomain -file mydomain.crt -keystore keystore.jks keytool -import -trustcacerts -alias mydomain -file mydomain.crt -keystore keystore.jks
 +</code>
  
 Generate a keystore and self-signed certificate (see How to Create a Self Signed Certificate using Java Keytool for more info) Generate a keystore and self-signed certificate (see How to Create a Self Signed Certificate using Java Keytool for more info)
 +<code java>
 keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass password -validity 360 -keysize 2048 keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass password -validity 360 -keysize 2048
 +</code>
  
 ==== Java Keytool Commands for Checking ==== ==== Java Keytool Commands for Checking ====
Line 27: Line 37:
  
 Check a stand-alone certificate Check a stand-alone certificate
 +<code java>
 keytool -printcert -v -file mydomain.crt keytool -printcert -v -file mydomain.crt
 +</code>
  
 Check which certificates are in a Java keystore Check which certificates are in a Java keystore
 +<code java>
 keytool -list -v -keystore keystore.jks keytool -list -v -keystore keystore.jks
 +</code>
  
 Check a particular keystore entry using an alias Check a particular keystore entry using an alias
 +<code java>
 keytool -list -v -keystore keystore.jks -alias mydomain keytool -list -v -keystore keystore.jks -alias mydomain
 +</code>
  
 ==== Other Java Keytool Commands ==== ==== Other Java Keytool Commands ====
Line 39: Line 55:
  
 Delete a certificate from a Java Keytool keystore Delete a certificate from a Java Keytool keystore
 +<code java>
 keytool -delete -alias mydomain -keystore keystore.jks keytool -delete -alias mydomain -keystore keystore.jks
 +</code>
  
 Change a Java keystore password Change a Java keystore password
 +<code java>
 keytool -storepasswd -new new_storepass -keystore keystore.jks keytool -storepasswd -new new_storepass -keystore keystore.jks
 +</code>
  
 Export a certificate from a keystore Export a certificate from a keystore
 +<code java>
 keytool -export -alias mydomain -file mydomain.crt -keystore keystore.jks keytool -export -alias mydomain -file mydomain.crt -keystore keystore.jks
 +</code>
  
 List Trusted CA Certs List Trusted CA Certs
 +<code java>
 keytool -list -v -keystore $JAVA_HOME/jre/lib/security/cacerts keytool -list -v -keystore $JAVA_HOME/jre/lib/security/cacerts
 +</code>
  
 Import New CA into Trusted Certs Import New CA into Trusted Certs
 +<code java>
 keytool -import -trustcacerts -file /path/to/ca/ca.pem -alias CA_ALIAS -keystore $JAVA_HOME/jre/lib/security/cacerts keytool -import -trustcacerts -file /path/to/ca/ca.pem -alias CA_ALIAS -keystore $JAVA_HOME/jre/lib/security/cacerts
 +</code>
keytool.txt · Last modified: 2020/08/10 02:35 by 127.0.0.1