User Tools

Site Tools


keytool

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
Last revisionBoth sides next revision
keytool [2011/04/28 06:42] – created k2patelkeytool [2011/04/28 06:45] k2patel
Line 7: Line 7:
  
 Generate a Java keystore and key pair Generate a Java keystore and key pair
 +<code java>
 keytool -genkey -alias mydomain -keyalg RSA -keystore keystore.jks -keysize 2048 keytool -genkey -alias mydomain -keyalg RSA -keystore keystore.jks -keysize 2048
 +</code>
  
 Generate a certificate signing request (CSR) for an existing Java keystore Generate a certificate signing request (CSR) for an existing Java keystore
 +<code java>
 keytool -certreq -alias mydomain -keystore keystore.jks -file mydomain.csr keytool -certreq -alias mydomain -keystore keystore.jks -file mydomain.csr
 +</code>
  
 Import a root or intermediate CA certificate to an existing Java keystore Import a root or intermediate CA certificate to an existing Java keystore
 +<code java>
 keytool -import -trustcacerts -alias root -file Thawte.crt -keystore keystore.jks keytool -import -trustcacerts -alias root -file Thawte.crt -keystore keystore.jks
 +</code>
  
 Import a signed primary certificate to an existing Java keystore Import a signed primary certificate to an existing Java keystore
 +<code java>
 keytool -import -trustcacerts -alias mydomain -file mydomain.crt -keystore keystore.jks keytool -import -trustcacerts -alias mydomain -file mydomain.crt -keystore keystore.jks
 +</code>
  
 Generate a keystore and self-signed certificate (see How to Create a Self Signed Certificate using Java Keytool for more info) Generate a keystore and self-signed certificate (see How to Create a Self Signed Certificate using Java Keytool for more info)
 +<code java>
 keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass password -validity 360 -keysize 2048 keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass password -validity 360 -keysize 2048
 +</code>
  
 ==== Java Keytool Commands for Checking ==== ==== Java Keytool Commands for Checking ====
Line 27: Line 37:
  
 Check a stand-alone certificate Check a stand-alone certificate
 +<code java>
 keytool -printcert -v -file mydomain.crt keytool -printcert -v -file mydomain.crt
 +</code>
  
 Check which certificates are in a Java keystore Check which certificates are in a Java keystore
 +<code java>
 keytool -list -v -keystore keystore.jks keytool -list -v -keystore keystore.jks
 +</code>
  
 Check a particular keystore entry using an alias Check a particular keystore entry using an alias
 +<code java>
 keytool -list -v -keystore keystore.jks -alias mydomain keytool -list -v -keystore keystore.jks -alias mydomain
 +</code>
  
 ==== Other Java Keytool Commands ==== ==== Other Java Keytool Commands ====
Line 39: Line 55:
  
 Delete a certificate from a Java Keytool keystore Delete a certificate from a Java Keytool keystore
 +<code java>
 keytool -delete -alias mydomain -keystore keystore.jks keytool -delete -alias mydomain -keystore keystore.jks
 +</code>
  
 Change a Java keystore password Change a Java keystore password
 +<code java>
 keytool -storepasswd -new new_storepass -keystore keystore.jks keytool -storepasswd -new new_storepass -keystore keystore.jks
 +</code>
  
 Export a certificate from a keystore Export a certificate from a keystore
 +<code java>
 keytool -export -alias mydomain -file mydomain.crt -keystore keystore.jks keytool -export -alias mydomain -file mydomain.crt -keystore keystore.jks
 +</code>
  
 List Trusted CA Certs List Trusted CA Certs
 +<code java>
 keytool -list -v -keystore $JAVA_HOME/jre/lib/security/cacerts keytool -list -v -keystore $JAVA_HOME/jre/lib/security/cacerts
 +</code>
  
 Import New CA into Trusted Certs Import New CA into Trusted Certs
 +<code java>
 keytool -import -trustcacerts -file /path/to/ca/ca.pem -alias CA_ALIAS -keystore $JAVA_HOME/jre/lib/security/cacerts keytool -import -trustcacerts -file /path/to/ca/ca.pem -alias CA_ALIAS -keystore $JAVA_HOME/jre/lib/security/cacerts
 +</code>
keytool.txt · Last modified: 2020/08/10 02:35 by 127.0.0.1