Generate a certificate with Keytool

Source: Internet
Author: User

Reprint--Http://www.cnblogs.com/tyjsjl/p/3359255.html

1. Create a certificate
C:/jdk1.5.0_04/bin>keytool-genkey-alias Xahca-keyalg Rsa-keystore Dyfcalib
Enter KeyStore Password: ADMINDYF
What is your first and last name?
[Unknown]: Xu Yunwu
What is the name of your organizational unit?
[Unknown]: Tianhe
What is your organization's name?
[Unknown]: Tianhe Co., Ltd.
What is the name of your city or region?
[Unknown]: Nanjing
What is the name of your state or province?
[Unknown]: Jiangsu
What is the two-letter country code for this unit?
[Unknown]: CN
cn= Xu Yunwu, ou= Tianhe, O= Tianhe Co., Ltd., l= Nanjing, st= Jiangsu, C=CN correct?
[No]: Y

Enter the master password for <xahCA>
(If same as KeyStore password, press ENTER): Xahadmin


2. List all certificates in the certificate library (a total of two: XAHCA and DYFCA)
C:/jdk1.5.0_04/bin>keytool-list-keystore Dyfcalib
Enter KeyStore Password: ADMINDYF

Keystore Type: JKS
Keystore by: SUN

Your keystore contains 2 inputs

XAHCA, 2006-12-16, Keyentry,
Certified fingerprint (MD5): 2C:36:A5:52:D0:4A:BA:72:60:19:2F:32:80:02:A9:C5
DYFCA, 2006-12-16, Keyentry,
Certified fingerprint (MD5): e7:8b:d8:93:1a:06:b1:b8:51:3d:13:cf:46:38:ac:77

3. List the certificates in the certificate library with the alias XAHCA
C:/jdk1.5.0_04/bin>keytool-list-v-alias Xahca-keystore Dyfcalib
Enter KeyStore Password: ADMINDYF
Alias Name: XAHCA
Date Created: 2006-12-16
INPUT type: keyentry
Certification Chain Length: 1
Certification [1]:
owner:cn= Xu Yunwu, ou= Tianhe, O= Tianhe Co., Ltd., l= Nanjing, st= Jiangsu, C=CN
Issued by: cn= Xu Yunwu, ou= Tianhe, O= Tianhe Co., Ltd., l= Nanjing, st= Jiangsu, C=CN
Sequence Number: 458400d7
Active period: Sat Dec 22:21:11 CST 2006 to: Fri Mar 22:21:11 CST 2007
Certified Fingerprint:
Md5:2c:36:a5:52:d0:4a:ba:72:60:19:2f:32:80:02:a9:c5
Sha1:e6:a2:dd:ee:d2:8f:fb:d4:85:ce:46:4f:7e:25:7f:c4:c2:69:68:df

4. Delete the certificate in the certificate store with the certificate alias XAHCA
C:/jdk1.5.0_04/bin>keytool-delete-alias Xahca-keystore Dyfcalib
Enter KeyStore Password: ADMINDYF

After deletion, the certificate in the certificate store is listed with only one remaining
C:/jdk1.5.0_04/bin>keytool-list-keystore Dyfcalib
Enter KeyStore Password: ADMINDYF

Keystore Type: JKS
Keystore by: SUN

Your keystore contains 1 inputs

DYFCA, 2006-12-16, Keyentry,
Certified fingerprint (MD5): e7:8b:d8:93:1a:06:b1:b8:51:3d:13:cf:46:38:ac:77

5. Modify the certificate password
C:/jdk1.5.0_04/bin>keytool-keypasswd-alias Dyfca-keystore Dyfcalib
Enter KeyStore Password: ADMINDYF
Enter <dyfCA> master password dyfadmin
New <dyfCA> master password: dyfadmin
Must be a different password
New <dyfCA> master password: DYF
Password is too short-must be at least 6 characters
New <dyfCA> master password: DYFPWS
Re-enter the new <dyfCA> master password: DYFPWS

6. Non-interactive password change
C:/jdk1.5.0_04/bin>keytool-keypasswd-alias Dyfca-keypass dyfpws-new Dyfadmin
-storepass Admindyf-keystore Dyfcalib

7. List the details of the certificate
C:/jdk1.5.0_04/bin>keytool-list-v-alias Dyfca-keystore Dyfcalib
Enter KeyStore Password: ADMINDYF
Alias Name: DYFCA
Date Created: 2006-12-16
INPUT type: keyentry
Certification Chain Length: 1
Certification [1]:
owner:cn= Dong Yunfei, ou=, o= Tian Yun, l= Nanjing, st= Jiangsu, C=CN
Issued by: cn= Dong Yunfei, ou=, o=, l= Nanjing, st= Jiangsu, C=CN
Sequence Number: 4583FD13
Active period: Sat Dec 22:05:07 CST 2006 to: Tue Dec 22:05:07 CST 2016
Certified Fingerprint:
Md5:e7:8b:d8:93:1a:06:b1:b8:51:3d:13:cf:46:38:ac:77
Sha1:8c:cb:76:50:db:34:35:c5:95:49:da:9e:18:22:b0:f9:af:73:c8:f5

8. Export the certificate to a certificate file (the certificate file is encoded in binary, cannot be viewed with a text editor, does not utilize the advertisement certificate)
C:/jdk1.5.0_04/bin>keytool-export-alias dyfca-file Dyfca.cer-keystore dyfcal
Ib
Enter KeyStore Password: ADMINDYF
Certificates saved in a file <dyfCA.cer>

9. Export the certificate to a certificate file (output as a printable encoding)
C:/jdk1.5.0_04/bin>keytool-export-alias dyfca-file Dyfca.cer-keystore dyfcal
Ib-rfc
Enter KeyStore Password: ADMINDYF
Certificates saved in a file <dyfCA.cer>

10. View the certificate file
C:/jdk1.5.0_04/bin>keytool-printcert-file Dyfca.cer
owner:cn= Dong Yunfei, ou=, o= Tian Yun, l= Nanjing, st= Jiangsu, C=CN
Issued by: cn= Dong Yunfei, ou=, o=, l= Nanjing, st= Jiangsu, C=CN
Sequence Number: 4583FD13
Active period: Sat Dec 22:05:07 CST 2006 to: Tue Dec 22:05:07 CST 2016
Certified Fingerprint:
Md5:e7:8b:d8:93:1a:06:b1:b8:51:3d:13:cf:46:38:ac:77
Sha1:8c:cb:76:50:db:34:35:c5:95:49:da:9e:18:22:b0:f9:af:73:c8:f5

11. Sign your own certificate
C:/jdk1.5.0_04/bin>keytool-selfcert-alias Dyfca-keystore Dyfcalib
Enter KeyStore Password: ADMINDYF
Enter <dyfCA> master password dyfadmin

Generate a certificate with Keytool

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.