Difference between revisions of "Keytool"

From wikieduonline
Jump to navigation Jump to search
 
(15 intermediate revisions by the same user not shown)
Line 1: Line 1:
 +
{{lowercase}}
 +
[[Java]] <code>keytool</code> command
 +
 +
 
Manage [[private keys]] and [[public certificates]]
 
Manage [[private keys]] and [[public certificates]]
  
keytool -list -keystore ..\lib\security\[[cacerts]]
+
* <code>[[keytool -list]] -keystore ..\lib\security\[[cacerts]]</code>
keytool -list -keystore /opt/java/openjdk/jre/lib/security/cacerts
+
* <code> keytool -list -keystore /opt/java/openjdk/jre/lib/security/cacerts</code>
 +
<pre>
 +
Enter keystore password:
 +
 
 +
*****************  WARNING WARNING WARNING  *****************
 +
* The integrity of the information stored in your keystore  *
 +
* has NOT been verified!  In order to verify its integrity, *
 +
* you must provide your keystore password.                  *
 +
*****************  WARNING WARNING WARNING  *****************
 +
 
 +
Keystore type: jks
 +
Keystore provider: SUN
 +
 
 +
Your keystore contains 95 entries
 +
.../...
 +
</pre>
 +
 
 +
 
 +
keytool -list
 +
keytool error: java.lang.Exception: Keystore file does not exist: /root/.keystore
 +
 
 +
 
 +
 
 +
[[keytool -importcert]]
  
 
Trusted Certificate is a signed [[X.509]] [[certificate]] issued by a trusted entity.
 
Trusted Certificate is a signed [[X.509]] [[certificate]] issued by a trusted entity.
  
cacerts
+
[[cacerts]]
 
  /opt/java/openjdk/jre/lib/security/cacerts
 
  /opt/java/openjdk/jre/lib/security/cacerts
  
  
 +
<pre>
 +
Key and Certificate Management Tool
 +
 +
Commands:
 +
 +
-certreq            Generates a certificate request
 +
-changealias        Changes an entry's alias
 +
-delete            Deletes an entry
 +
-exportcert        Exports certificate
 +
-genkeypair        Generates a key pair
 +
-genseckey          Generates a secret key
 +
-gencert            Generates certificate from a certificate request
 +
-importcert        Imports a certificate or a certificate chain
 +
-importpass        Imports a password
 +
-importkeystore    Imports one or all entries from another keystore
 +
-keypasswd          Changes the key password of an entry
 +
-list              Lists entries in a keystore
 +
-printcert          Prints the content of a certificate
 +
-printcertreq      Prints the content of a certificate request
 +
-printcrl          Prints the content of a CRL file
 +
-storepasswd        Changes the store password of a keystore
 +
 +
Use "keytool -command_name -help" for usage of command_name
 +
</pre>
 +
 +
== Related ==
 +
* <code>[[openssl]]</code>
  
 
== See also ==
 
== See also ==
 
* https://linux.die.net/man/1/gkeytool
 
* https://linux.die.net/man/1/gkeytool
 
+
* {{JVM}}
 +
* {{openssl}}
 +
* {{CA}}
  
  
 
[[Category:Security]]
 
[[Category:Security]]
 +
[[Category:cryptography]]

Latest revision as of 10:45, 12 September 2023

Java keytool command


Manage private keys and public certificates

  • keytool -list -keystore ..\lib\security\cacerts
  • keytool -list -keystore /opt/java/openjdk/jre/lib/security/cacerts
Enter keystore password:

*****************  WARNING WARNING WARNING  *****************
* The integrity of the information stored in your keystore  *
* has NOT been verified!  In order to verify its integrity, *
* you must provide your keystore password.                  *
*****************  WARNING WARNING WARNING  *****************

Keystore type: jks
Keystore provider: SUN

Your keystore contains 95 entries
.../...


keytool -list
keytool error: java.lang.Exception: Keystore file does not exist: /root/.keystore


keytool -importcert

Trusted Certificate is a signed X.509 certificate issued by a trusted entity.

cacerts

/opt/java/openjdk/jre/lib/security/cacerts


Key and Certificate Management Tool

Commands:

 -certreq            Generates a certificate request
 -changealias        Changes an entry's alias
 -delete             Deletes an entry
 -exportcert         Exports certificate
 -genkeypair         Generates a key pair
 -genseckey          Generates a secret key
 -gencert            Generates certificate from a certificate request
 -importcert         Imports a certificate or a certificate chain
 -importpass         Imports a password
 -importkeystore     Imports one or all entries from another keystore
 -keypasswd          Changes the key password of an entry
 -list               Lists entries in a keystore
 -printcert          Prints the content of a certificate
 -printcertreq       Prints the content of a certificate request
 -printcrl           Prints the content of a CRL file
 -storepasswd        Changes the store password of a keystore

Use "keytool -command_name -help" for usage of command_name

Related[edit]

See also[edit]

Advertising: