Difference between revisions of "Keytool"
Jump to navigation
Jump to search
(15 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
+ | {{lowercase}} | ||
+ | [[Java]] <code>keytool</code> command | ||
+ | |||
+ | |||
Manage [[private keys]] and [[public certificates]] | Manage [[private keys]] and [[public certificates]] | ||
− | + | * <code>[[keytool -list]] -keystore ..\lib\security\[[cacerts]]</code> | |
− | + | * <code> keytool -list -keystore /opt/java/openjdk/jre/lib/security/cacerts</code> | |
+ | <pre> | ||
+ | Enter keystore password: | ||
+ | |||
+ | ***************** WARNING WARNING WARNING ***************** | ||
+ | * The integrity of the information stored in your keystore * | ||
+ | * has NOT been verified! In order to verify its integrity, * | ||
+ | * you must provide your keystore password. * | ||
+ | ***************** WARNING WARNING WARNING ***************** | ||
+ | |||
+ | Keystore type: jks | ||
+ | Keystore provider: SUN | ||
+ | |||
+ | Your keystore contains 95 entries | ||
+ | .../... | ||
+ | </pre> | ||
+ | |||
+ | |||
+ | keytool -list | ||
+ | keytool error: java.lang.Exception: Keystore file does not exist: /root/.keystore | ||
+ | |||
+ | |||
+ | |||
+ | [[keytool -importcert]] | ||
Trusted Certificate is a signed [[X.509]] [[certificate]] issued by a trusted entity. | Trusted Certificate is a signed [[X.509]] [[certificate]] issued by a trusted entity. | ||
− | cacerts | + | [[cacerts]] |
/opt/java/openjdk/jre/lib/security/cacerts | /opt/java/openjdk/jre/lib/security/cacerts | ||
+ | <pre> | ||
+ | Key and Certificate Management Tool | ||
+ | |||
+ | Commands: | ||
+ | |||
+ | -certreq Generates a certificate request | ||
+ | -changealias Changes an entry's alias | ||
+ | -delete Deletes an entry | ||
+ | -exportcert Exports certificate | ||
+ | -genkeypair Generates a key pair | ||
+ | -genseckey Generates a secret key | ||
+ | -gencert Generates certificate from a certificate request | ||
+ | -importcert Imports a certificate or a certificate chain | ||
+ | -importpass Imports a password | ||
+ | -importkeystore Imports one or all entries from another keystore | ||
+ | -keypasswd Changes the key password of an entry | ||
+ | -list Lists entries in a keystore | ||
+ | -printcert Prints the content of a certificate | ||
+ | -printcertreq Prints the content of a certificate request | ||
+ | -printcrl Prints the content of a CRL file | ||
+ | -storepasswd Changes the store password of a keystore | ||
+ | |||
+ | Use "keytool -command_name -help" for usage of command_name | ||
+ | </pre> | ||
+ | |||
+ | == Related == | ||
+ | * <code>[[openssl]]</code> | ||
== See also == | == See also == | ||
* https://linux.die.net/man/1/gkeytool | * https://linux.die.net/man/1/gkeytool | ||
− | + | * {{JVM}} | |
+ | * {{openssl}} | ||
+ | * {{CA}} | ||
[[Category:Security]] | [[Category:Security]] | ||
+ | [[Category:cryptography]] |
Latest revision as of 10:45, 12 September 2023
Java keytool
command
Manage private keys and public certificates
keytool -list -keystore ..\lib\security\cacerts
keytool -list -keystore /opt/java/openjdk/jre/lib/security/cacerts
Enter keystore password: ***************** WARNING WARNING WARNING ***************** * The integrity of the information stored in your keystore * * has NOT been verified! In order to verify its integrity, * * you must provide your keystore password. * ***************** WARNING WARNING WARNING ***************** Keystore type: jks Keystore provider: SUN Your keystore contains 95 entries .../...
keytool -list keytool error: java.lang.Exception: Keystore file does not exist: /root/.keystore
keytool -importcert
Trusted Certificate is a signed X.509 certificate issued by a trusted entity.
/opt/java/openjdk/jre/lib/security/cacerts
Key and Certificate Management Tool Commands: -certreq Generates a certificate request -changealias Changes an entry's alias -delete Deletes an entry -exportcert Exports certificate -genkeypair Generates a key pair -genseckey Generates a secret key -gencert Generates certificate from a certificate request -importcert Imports a certificate or a certificate chain -importpass Imports a password -importkeystore Imports one or all entries from another keystore -keypasswd Changes the key password of an entry -list Lists entries in a keystore -printcert Prints the content of a certificate -printcertreq Prints the content of a certificate request -printcrl Prints the content of a CRL file -storepasswd Changes the store password of a keystore Use "keytool -command_name -help" for usage of command_name
Related[edit]
See also[edit]
- https://linux.die.net/man/1/gkeytool
- JVM,
keytool
, JVM arguments,Xmx, Xms, Java.lang.OutOfMemoryError
, Oops, Java bytecode openssl
[rand | s_client | passwd
|openssl req
|openssl rsa
|openssl genrsa
|openssl x509
|openssl ca
|openssl verify
|openssl ec
|openssl dgst
|openssl pkcs12
|openssl asn1parse
|openssl help
|.cer to .pem, openssl version
- CA, Root Certificates, FreeIPA, PKI, OpenCA, Wildcard certificate,
certtool
,certbot
(Let's Encrypt),certinfo
(Cloudflare), ACME, Boulder,cfssl
(Cloudflare), Public key certificate, public key, TLS and X.509, OCSP, Subject Alternative Name (SAN),openssl ca
, Self signed certificate, CSR,keytool
, ACM, KMS,aws acm
, IdenTrust, multirootca, cert-manager, ca_cert_identifier
Advertising: