Important Java Keytool commands


The Most Common Java Keytool Keystore Commands


Java Keytool is a key and certificate management utility. It allows users to manage their own public/private key pairs and certificates. It also allows users to cache certificates. Java Keytool stores the keys and certificates in what is called a keystore. By default the Java keystore is implemented as a file. It protects private keys with a password. A Keytool keystore contains the private key and any certificatesnecessary to complete a chain of trust and establish the trustworthiness of the primary certificate.
Each certificate in a Java keystore is associated with a unique alias. When creating a Java keystore you will first create the .jks file that will initially only contain the private key. You will then generate a CSR and have a certificate generated from it. Then you will import the certificate to the keystore including any root certificates. Java Keytool also several other functions that allow you to view the details of a certificate or list the certificates contained in a keystore or export a certificate.
Note: For easier management of your Java Keystores (using a GUI) check out Portecle. If you need to buy a certificate, try to compare SSL with our SSL Wizard.


Java Keytool Commands for Creating and Importing

These commands allow you to generate a new Java Keytool keystore file, create a CSR, and import certificates. Any root or intermediate certificates will need to be imported before importing the primary certificate for your domain.
  • Generate a Java keystore and key pairkeytool -genkey -alias mydomain -keyalg RSA -keystore keystore.jks -keysize 2048
  • Generate a certificate signing request (CSR) for an existing Java keystorekeytool -certreq -alias mydomain -keystore keystore.jks -file mydomain.csr
  • Import a root or intermediate CA certificate to an existing Java keystorekeytool -import -trustcacerts -alias root -file Thawte.crt -keystore keystore.jks
  • Import a signed primary certificate to an existing Java keystorekeytool -import -trustcacerts -alias mydomain -file mydomain.crt -keystore keystore.jks
  • Generate a keystore and self-signed certificate (see How to Create a Self Signed Certificate using Java Keytool for more info)keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass password -validity 360 -keysize 2048

Java Keytool Commands for Checking

If you need to check the information within a certificate, or Java keystore, use these commands.
  • Check a stand-alone certificatekeytool -printcert -v -file mydomain.crt
  • Check which certificates are in a Java keystorekeytool -list -v -keystore keystore.jks
  • Check a particular keystore entry using an aliaskeytool -list -v -keystore keystore.jks -alias mydomain

Other Java Keytool Commands

  • Delete a certificate from a Java Keytool keystorekeytool -delete -alias mydomain -keystore keystore.jks
  • Change a Java keystore passwordkeytool -storepasswd -new new_storepass -keystore keystore.jks
  • Export a certificate from a keystorekeytool -export -alias mydomain -file mydomain.crt -keystore keystore.jks
  • List Trusted CA Certskeytool -list -v -keystore $JAVA_HOME/jre/lib/security/cacerts
  • Import New CA into Trusted Certskeytool -import -trustcacerts -file /path/to/ca/ca.pem -alias CA_ALIAS -keystore $JAVA_HOME/jre/lib/security/cacerts
If you need to move a certificate from Java Keytool to Apache or another type of system, check out these instructions for converting a Java Keytool keystore using OpenSSL. For more information, check out theJava Keytool documentation or check out our Tomcat SSL Installation Instructions which use Java Keytool.

Comments

Anonymous said…
This comment has been removed by a blog administrator.
Anonymous said…
free online dating sites in finland http://loveepicentre.com/testimonials.php play dating simulation games
Anonymous said…
I believe that is among the most significant information for me.
And i'm satisfied studying your article. However wanna commentary on some general issues, The web site taste is great, the articles is in reality nice : D. Just right job, cheers
Here is my website - online forex
Anonymous said…
Oh my goodness! Awesome article dude! Thank you, However I am
encountering problems with your RSS. I don't know why I cannot join it. Is there anyone else having the same RSS problems? Anyone who knows the solution will you kindly respond? Thanx!!
Here is my web site - trade rush
Anonymous said…
Pretty! This has been an incredibly wonderful post. Many thanks for providing this information.
My site ... penny slot machines
Anonymous said…


This super food not only make you lose weight but also prevents you from various deadly diseases. This nutrition plan can easily lower cholesterol levels and it can also maintain blood sugar levels in your body. [url=http://greencoffeesiteme.net/]http://ghost91371.xanga.com/771164370/how-to-cure-typepure-green-coffee-bean-extract-800-mg/[/url] Whether you wish to shed just a few pounds or lose from 20 to 30 pounds, weight loss tips can make dieting, exercise, and the whole weight loss venture easier and safer for you. But remember that weight loss tips is not meant to be the only tool you can use, your effort is actually the key factor to a fast track weight loss. Any weight loss plan that doesnt contain a generous helping of seasonal greens should not be considered balanced or healthy. Just as a quick reminder lets quickly take go through why anyone should be eating veggies everyday.

Would you believe if I tell you that obtaining the will power to lose weight is by being self-centered? Yes, think no one but yourself. If you gain more weight than you do now who would suffer the most when you become obese and can not even stand on your own? Being overweight is, needless to say, jeopardy to your health. You will either have diabetes or hypertension. Either way will both result in reducing your chances to live longer. Life is beautiful! And it will be most wonderful when you can enjoy all the amazing things in life by being physically fit. Strength training is an important part of fast weight loss. Weight machines are good options because you operate them from a seated or lying position. Perform exercises that target all of your major muscles, such as chest presses, shoulder presses, back rows, tricep extensions, bicep curls and leg presses. By building muscle, you will increase your resting metabolic rate and cause faster weight loss. According to the University of Michigan, 1 lb. of added muscle burns between 30 and 50 extra calories a day. [url=http://wegreencoffeebeanextract.net/]http://evelynefru.livejournal.com/887.html[/url] I began to enter the next set of four numbers of my debit card. Then I took a break and started scrolling through my Facebook updates. My friend Allyson had just posted a link entitled "MyFitness Pal: Allyson lost three pounds this week." I was intrigued, to say the least...

Popular posts from this blog

PostgreSQL bytea and oid

Adding MySQL datasource to JBOSS AS 7

Microservices Architecture with Spring Boot in 15mins