keytool简明用法
来源:互联网 发布:数据分析师培训多少钱 编辑:程序博客网 时间:2024/06/06 03:14
Java Keytool is a key and certificate management utility. It allows users to manage their own public/private key pairs and certificates. Java Keytool stores the keys and certificates in what is called a keystore. A Keytool keystore contains the private key and any certificates necessary to complete a chain of trust and establish the trustworthiness of the primary certificate.
Each certificate in a Java keystore is associated with a unique alias. When creating a Java keystore you will first create the .jks file that will initially only contain the private key. You will then generate a CSR and have a certificate generated from it. Then you will import the certificate to the keystore including any root certificates.
Below, we have listed the most common Java Keytool keystore commands and their usage:
Java Keytool Commands for Creating and Importing
These commands allow you to generate a new Java Keytool keystore file, create a CSR, and import certificates. Any root or intermediate certificates will need to be imported before importing the primary certificate for your domain.
- Generate a Java keystore and key pair
keytool -genkey -alias mydomain -keyalg RSA -keystore keystore.jks
- Generate a certificate signing request (CSR) for an existing Java keystore
keytool -certreq -alias "mydomain" -keystore keystore.jks -file mydomain.csr
- Import a root or intermediate CA certificate to an existing Java keystore
keytool -import -trustcacerts -alias root -file Thawte.crt -keystore keystore.jks
- Import a signed primary certificate to an existing Java keystore
keytool -import -trustcacerts -alias mydomain -file mydomain.crt -keystore keystore.jks
- Generate a keystore and self-signed certificate
keytool -genkey -keyalg RSA -alias "selfsigned" -keystore keystore.jks -storepass "password" -validity 360
Java Keytool Commands for Checking
If you need to check the information within a certificate, or Java keystore, use these commands.
- Check a stand-alone certificate
keytool -printcert -v -file mydomain.crt
- Check which certificates are in a Java keystore
keytool -list -v -keystore keystore.jks
- Check a particular keystore entry using an alias
keytool -list -v -keystore keystore.jks -alias mydomain
Other Java Keytool Commands
- Delete a certificate from a Java Keytool keystore
keytool -delete -alias "mydomain" -keystore keystore.jks
- Change a Java keystore password
keytool -storepasswd -new new_storepass -keystore keystore.jks
- Export a certificate from a keystore
keytool -export -alias mydomain -file mydomain.crt
- List Trusted CA Certs
keytool -list -v -keystore $JAVA_HOME/jre/lib/security/cacerts
- Import New CA into Trusted Certs
keytool -import -trustcacerts -file /path/to/ca/ca.pem -alias CA_ALIAS -keystore $JAVA_HOME/jre/lib/security/cacerts
FROM: http://nl.globalsign.com/en/support/ssl+certificates/java/java+based+webserver/keytool+commands/
- keytool简明用法
- keytool 用法
- keytool 用法
- Keytool用法
- keytool用法
- keytool用法
- keytool用法
- KeyTool的用法
- java keytool用法
- 关于keytool用法
- 关于keytool用法
- java 数字证书keytool用法
- keytool用法及说明
- java 数字证书keytool用法
- keytool用法及说明
- KeyTool的用法
- 关于keytool用法
- java keytool用法
- Android:native和上层framework基于socket进行通讯
- eclipse添加logcat显示
- 使用crosstool_ng来创建交叉编译器
- Accesskey standards
- http协议
- keytool简明用法
- c语言scanf缓冲区问题
- CIO如何面对热点趋势
- 在TreeView节点上点击右键触发选中该节点的方法
- Cocos2d-x跨Android&iOS平台开发入门
- 使用U盘PE安装系统,显示安装程序无法重新启动计算机,请关闭所有应用程序并且关机,以便继续进行XP安装。找不到网络路径。的解决方法
- 《代码大全》- 12.4 字符和字符串
- mysql 删除数据库表中重复记录
- 每天学习一点点