Home > Others

Generate a certificate with Keytool

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Reprint--Http://www.cnblogs.com/tyjsjl/p/3359255.html

1. Create a certificate
C:/jdk1.5.0_04/bin>keytool-genkey-alias Xahca-keyalg Rsa-keystore Dyfcalib
Enter KeyStore Password: ADMINDYF
What is your first and last name?
[Unknown]: Xu Yunwu
What is the name of your organizational unit?
[Unknown]: Tianhe
What is your organization's name?
[Unknown]: Tianhe Co., Ltd.
What is the name of your city or region?
[Unknown]: Nanjing
What is the name of your state or province?
[Unknown]: Jiangsu
What is the two-letter country code for this unit?
[Unknown]: CN
cn= Xu Yunwu, ou= Tianhe, O= Tianhe Co., Ltd., l= Nanjing, st= Jiangsu, C=CN correct?
[No]: Y

Enter the master password for <xahCA>
(If same as KeyStore password, press ENTER): Xahadmin


2. List all certificates in the certificate library (a total of two: XAHCA and DYFCA)
C:/jdk1.5.0_04/bin>keytool-list-keystore Dyfcalib
Enter KeyStore Password: ADMINDYF

Keystore Type: JKS
Keystore by: SUN

Your keystore contains 2 inputs

XAHCA, 2006-12-16, Keyentry,
Certified fingerprint (MD5): 2C:36:A5:52:D0:4A:BA:72:60:19:2F:32:80:02:A9:C5
DYFCA, 2006-12-16, Keyentry,
Certified fingerprint (MD5): e7:8b:d8:93:1a:06:b1:b8:51:3d:13:cf:46:38:ac:77

3. List the certificates in the certificate library with the alias XAHCA
C:/jdk1.5.0_04/bin>keytool-list-v-alias Xahca-keystore Dyfcalib
Enter KeyStore Password: ADMINDYF
Alias Name: XAHCA
Date Created: 2006-12-16
INPUT type: keyentry
Certification Chain Length: 1
Certification [1]:
owner:cn= Xu Yunwu, ou= Tianhe, O= Tianhe Co., Ltd., l= Nanjing, st= Jiangsu, C=CN
Issued by: cn= Xu Yunwu, ou= Tianhe, O= Tianhe Co., Ltd., l= Nanjing, st= Jiangsu, C=CN
Sequence Number: 458400d7
Active period: Sat Dec 22:21:11 CST 2006 to: Fri Mar 22:21:11 CST 2007
Certified Fingerprint:
Md5:2c:36:a5:52:d0:4a:ba:72:60:19:2f:32:80:02:a9:c5
Sha1:e6:a2:dd:ee:d2:8f:fb:d4:85:ce:46:4f:7e:25:7f:c4:c2:69:68:df

4. Delete the certificate in the certificate store with the certificate alias XAHCA
C:/jdk1.5.0_04/bin>keytool-delete-alias Xahca-keystore Dyfcalib
Enter KeyStore Password: ADMINDYF

After deletion, the certificate in the certificate store is listed with only one remaining
C:/jdk1.5.0_04/bin>keytool-list-keystore Dyfcalib
Enter KeyStore Password: ADMINDYF

Keystore Type: JKS
Keystore by: SUN

Your keystore contains 1 inputs

DYFCA, 2006-12-16, Keyentry,
Certified fingerprint (MD5): e7:8b:d8:93:1a:06:b1:b8:51:3d:13:cf:46:38:ac:77

5. Modify the certificate password
C:/jdk1.5.0_04/bin>keytool-keypasswd-alias Dyfca-keystore Dyfcalib
Enter KeyStore Password: ADMINDYF
Enter <dyfCA> master password dyfadmin
New <dyfCA> master password: dyfadmin
Must be a different password
New <dyfCA> master password: DYF
Password is too short-must be at least 6 characters
New <dyfCA> master password: DYFPWS
Re-enter the new <dyfCA> master password: DYFPWS

6. Non-interactive password change
C:/jdk1.5.0_04/bin>keytool-keypasswd-alias Dyfca-keypass dyfpws-new Dyfadmin
-storepass Admindyf-keystore Dyfcalib

7. List the details of the certificate
C:/jdk1.5.0_04/bin>keytool-list-v-alias Dyfca-keystore Dyfcalib
Enter KeyStore Password: ADMINDYF
Alias Name: DYFCA
Date Created: 2006-12-16
INPUT type: keyentry
Certification Chain Length: 1
Certification [1]:
owner:cn= Dong Yunfei, ou=, o= Tian Yun, l= Nanjing, st= Jiangsu, C=CN
Issued by: cn= Dong Yunfei, ou=, o=, l= Nanjing, st= Jiangsu, C=CN
Sequence Number: 4583FD13
Active period: Sat Dec 22:05:07 CST 2006 to: Tue Dec 22:05:07 CST 2016
Certified Fingerprint:
Md5:e7:8b:d8:93:1a:06:b1:b8:51:3d:13:cf:46:38:ac:77
Sha1:8c:cb:76:50:db:34:35:c5:95:49:da:9e:18:22:b0:f9:af:73:c8:f5

8. Export the certificate to a certificate file (the certificate file is encoded in binary, cannot be viewed with a text editor, does not utilize the advertisement certificate)
C:/jdk1.5.0_04/bin>keytool-export-alias dyfca-file Dyfca.cer-keystore dyfcal
Ib
Enter KeyStore Password: ADMINDYF
Certificates saved in a file <dyfCA.cer>

9. Export the certificate to a certificate file (output as a printable encoding)
C:/jdk1.5.0_04/bin>keytool-export-alias dyfca-file Dyfca.cer-keystore dyfcal
Ib-rfc
Enter KeyStore Password: ADMINDYF
Certificates saved in a file <dyfCA.cer>

10. View the certificate file
C:/jdk1.5.0_04/bin>keytool-printcert-file Dyfca.cer
owner:cn= Dong Yunfei, ou=, o= Tian Yun, l= Nanjing, st= Jiangsu, C=CN
Issued by: cn= Dong Yunfei, ou=, o=, l= Nanjing, st= Jiangsu, C=CN
Sequence Number: 4583FD13
Active period: Sat Dec 22:05:07 CST 2006 to: Tue Dec 22:05:07 CST 2016
Certified Fingerprint:
Md5:e7:8b:d8:93:1a:06:b1:b8:51:3d:13:cf:46:38:ac:77
Sha1:8c:cb:76:50:db:34:35:c5:95:49:da:9e:18:22:b0:f9:af:73:c8:f5

11. Sign your own certificate
C:/jdk1.5.0_04/bin>keytool-selfcert-alias Dyfca-keystore Dyfcalib
Enter KeyStore Password: ADMINDYF
Enter <dyfCA> master password dyfadmin

Generate a certificate with Keytool

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
keytool import certificate java keytool import certificate keytool import certificate chain keytool export certificate how to create x509 certificate using keytool keytool generate ecc certificate openssl

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More