The Most Common Java Keytool Keystore Commands
  • info@comparecheapssl.com
Java KeyToolKeyStore Commands

10/24/2020 by admin with 0 comments

The Most Common Java Keytool Keystore Commands


Java KeyToolKeyStore Commands

The platform that manages the private keys and certificates is called Java Keytool. It has the ability through which public/private keys and certificate manage in addition to caching certificates. The storing place of keys and certificates is named by Java as Keystore. Java Keystore represents a file. The private keys are protected with a password in Keystore. The chain of trust and primary certificate trustworthiness is established by Keytool Keystore that is necessary to protect the private keys and certificates.

 

A unique alias is associated with each certificate in Java Keystore. First, you have to create a .jks file that will initially consist of only private keys. After that CSR needs to be generated from which certificate will be generated. Then the certificate should be imported into the Keystore including root certificates. There are various functions that are performed by the Java Keytool like viewing of certificate details or list of certificates consist of export a certificate.

 

What is Java Keytool Keystore

This is a platform that stores the private keys and certificates which is important for the chain of trust and primary certificate authentication. In this creation of domain take place of a primary certificate.

 

Java Keytool Commands for Creating and Importing

Let’s start with the most basic and generate commands on how to import keys and certificates.

Java Keystore and Keypair generation

keytool –genkey –alias mydomain –keyalg RSA –keystorekeystore.jks –keysize 2048

CSR (Certificate signing request) generation for an existing Java keystore

keytool –certreg –alias mydomain –keystorekeystore.jks –file mydomain.csr

Importing Root or intermediate certificate to an existing Java keystore

keytool –import –trustcacerts –alias root –file Thawte.crt –keystorekeystore.jks

Importing of signed primary certificate to an existing Java keystore

keytool –import –trustcacerts –alias mydomain –file mydomain.crt –keystorekeystore.jks

Keystore and self-signed certificate generation

keytool –genkey –keyalg RSA –alias selfsigned–keystorekeystore.jks–storepass password –validity 360 –keysize 2048

Java Keytool Commands for Checking

Use the below commands if you want to check the information contained in a certificate.

Stand-alone certificate

keytool –printcert –v –file mydomain.crt

Java keystore certificate check

keytool –list –v –keystorekeystore.jks

Check a particular keystore entry using an alias

keytool –list –v –keystorekeystore.jks –alias mydomain

Other Java Keytool Commands

Certificate delete from Java Keytool keystore

keytool –delete –alias mydomain –keystorekeystore.jks

Java keystore password change

keytool –storepasswd –new new_storepass –keystorekeystore.jks

Export certificate from a keystore

keytool –export –alias mydomain –file mydomain.crt –keystorekeystore.jks

Trusted CA certs list

keytool –list –v –keystore $JAVA_HOME/jre/lib/security/cacerts

New CA import into Trusted certs

keytool –import –trustcacerts –file /path/to/ca/ca.pem –alias CA_ALIAS –keystore $JAVA_HOME/jre/lib/security/cacerts

Leave Comment