I. The concept of Keytool
Keytool is a key and certificate management tool. It enables users to manage their own public/private key pairs and related certificates for use in self-authentication (where users authenticate themselves to other users or services) or in data integrity and authentication services, using digital signatures. The tool is included in JDK 1.4 and is located at %JAVA_HOME%\bin\keytool.exe.
II. The use of Keytool
III. Create a certificate
A certificate is created mainly with the "-genkeypair" command, which has the following parameters:
Example: Generate a certificate named test1
CMD code:
keytool -genkeypair -alias "test1" -keyalg "RSA" -keystore "test.keystore"
Function:
Creates a certificate with the alias test1 and stores it in the keystore named test.keystore; the keystore is created if it does not exist.
Parameter description:
-genkeypair: Generate a pair of asymmetric keys;
-alias: Specifies the alias of the key pair; the alias is public;
-keyalg: Specifies the key algorithm; this example uses the common RSA algorithm;
-keystore: The path and name of the keystore; if not specified, a ".keystore" file is generated by default in the user directory of the operating system.
Attention:
1. The KeyStore password must be at least 6 characters, can be a pure number or a combination of letters or numbers and letters, etc.
2. For "First and last name", enter the domain name, not a personal name; the other fields can be left blank.
After executing the above command, a "test.keystore" file is generated under the user directory of the operating system.
IV. View the certificates inside the keystore
Example: View all certificates in the keystore test.keystore
CMD code:
keytool -list -keystore test.keystore
V. Exporting to a certificate file
Example: Export the certificate entry with the alias test1 in the keystore named test.keystore to the certificate file test.crt
CMD code:
keytool -export -alias test1 -file test.crt -keystore test.keystore
Run result: a "test.crt" file is generated under the operating system's user directory (GACL).
VI. Import Certificate
Example: Import the certificate file test.crt into the keystore named test_cacerts
CMD code:
keytool -import -keystore test_cacerts -file test.crt
VII. Viewing certificate information
Example: View the information of the certificate file test.crt
CMD code:
keytool -printcert -file "test.crt"
VIII. Deleting entries in the keystore
Example: Delete the certificate entry with the alias test1 in the keystore test.keystore
CMD code:
keytool -delete -keystore test.keystore -alias test1
IX. Change the password of a certificate entry
Example: Change the password of the certificate entry with the alias test2 in the keystore test.keystore to xdp123456
CMD code:
keytool -keypasswd -alias test2 -keystore test.keystore
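The steps in sections III to VIII can be run without prompts. The script below is an added example, not part of the original article, written for bash rather than CMD; the password, the distinguished name, and the options -keysize, -validity, -dname, -storepass:env, -keypass:env and -noprompt are choices made for this example. It compares SHA-256 fingerprints before and after the import, because -noprompt skips keytool's trust confirmation.

```shell
#!/usr/bin/env bash
# Added example, not from the original article. The password, the DN and the
# working directory are constructed sample values.
set -euo pipefail
export STOREPASS='sample-Pass-123'   # keytool reads it through -storepass:env
DNAME='CN=test.example.com, OU=Dev, O=Example, C=US'   # CN is the domain name

# SHA-256 fingerprint line of a certificate file, whitespace removed.
cert_fp() {
  keytool -printcert -file "$1" | grep 'SHA256:' | tr -d ' \t'
}

# SHA-256 fingerprint line of entry $2 in keystore $1.
entry_fp() {
  keytool -list -v -keystore "$1" -alias "$2" -storepass:env STOREPASS \
    | grep 'SHA256:' | tr -d ' \t'
}

# Runs sections III to VIII inside directory $1 and prints "verified"
# only if every step and every fingerprint comparison succeeds.
demo() (
  set -e
  cd "$1"
  keytool -genkeypair -alias test1 -keyalg RSA -keysize 2048 -validity 365 \
    -dname "$DNAME" -keystore test.keystore \
    -storepass:env STOREPASS -keypass:env STOREPASS >&2
  keytool -export -alias test1 -file test.crt \
    -keystore test.keystore -storepass:env STOREPASS >&2
  # -noprompt suppresses the "Trust this certificate?" question, so compare
  # the file's fingerprint with the source entry before importing it.
  fp=$(cert_fp test.crt)
  [ "$fp" = "$(entry_fp test.keystore test1)" ]
  keytool -import -noprompt -alias test1 -file test.crt \
    -keystore test_cacerts -storepass:env STOREPASS >&2
  [ "$fp" = "$(entry_fp test_cacerts test1)" ]
  keytool -delete -alias test1 -keystore test.keystore \
    -storepass:env STOREPASS >&2
  # Looking up the deleted alias must now fail.
  if keytool -list -keystore test.keystore -alias test1 \
       -storepass:env STOREPASS >/dev/null 2>&1; then exit 1; fi
  echo verified
)

if command -v keytool >/dev/null 2>&1; then
  demo "$(mktemp -d)"
else
  echo "keytool not found on PATH" >&2
fi
```

Passing the password through an environment variable keeps it out of the process argument list, which a plain -storepass value would expose to other local users.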