Currently there are three ways to generate the Keystores through command line using Keytool or jarsigner and through GUI we can use policytool.
Lets take a look more details on Keytool command. To execute the keytool we required rt.jar and tools.jar.
Lets take a look more details on Keytool command. To execute the keytool we required rt.jar and tools.jar.
keytool utility is run thorugh following class "KeyTool" and package is "sun.security.tools" and its class type is final.
eg:
package sun.security.tools;
public final class KeyTool
{
}
Find few important commands under KeyTool class.
CERTREQ : Generates.a.certificate.request
CHANGEALIAS : Changes.an.entry.s.alias
DELETE : Deletes.an.entry
EXPORTCERT : Exports.certificate
GENKEYPAIR : Generates.a.key.pair
GENSECKEY : Generates.a.secret.key
GENCERT : Generates.certificate.from.a.certificate.request
IMPORTCERT : Imports.a.certificate.or.a.certificate.chain
IMPORTKEYSTORE : Imports.one.or.all.entries.from.another.keystore
KEYPASSWD : Changes.the.key.password.of.an.entry
LIST : Lists.entries.in.a.keystore
PRINTCERT : Prints.the.content.of.a.certificate
PRINTCERTREQ : Prints.the.content.of.a.certificate.request
PRINTCRL : Prints.the.content.of.a.CRL.file
STOREPASSWD : Changes.the.store.password.of.a.keystore
KEYCLONE : Clones.a.key.entry
SELFCERT : Generates.a.self.signed.certificate
GENCRL : Generates.CRL
IDENTITYDB : Imports.entries.from.a.JDK.1.1.x.style.identity.database
Find few important Options under KeyTool class.
ALIAS : alias.name.of.the.entry.to.process
DESTALIAS : destination.alias
DESTKEYPASS : destination.key.password
DESTKEYSTORE : destination.keystore.name
DESTPROTECTED : destination.keystore.password.protected
DESTPROVIDERNAME : destination.keystore.provider.name
DESTSTOREPASS : destination.keystore.password
DESTSTORETYPE : destination.keystore.type
DNAME : distinguished.name
EXT : X.509.extension
FILEOUT: output.file.name
FILEIN : input.file.name
ID : Serial.ID.of.cert.to.revoke
INFILE : input.file.name
KEYALG : key.algorithm.name
KEYPASS : key.password
KEYSIZE : key.bit.size
KEYSTORE : keystore.name
NEW : new.password
NOPROMPT : do.not.prompt
OUTFILE output.file.name
PROTECTED : password.through.protected.mechanism
PROVIDERARG : provider.argument
PROVIDERCLASS : provider.class.name
PROVIDERNAME : provider.name
PROVIDERPATH provider.classpath
RFC : output.in.RFC.style
SIGALG: signature.algorithm.name
SRCALIAS : source.alias
SRCKEYPASS : source.key.password
SRCKEYSTORE : source.keystore.name
SRCPROTECTED : source.keystore.password.protected
SRCPROVIDERNAME : source.keystore.provider.name
SRCSTOREPASS : source.keystore.password
SRCSTORETYPE : source.keystore.type
SSLSERVER : SSL.server.host.and.port
JARFILE : signed.jar.file
STARTDATE : certificate.validity.start.date.time
STOREPASS : keystore.password
STORETYPE : keystore.type
TRUSTCACERTS : trust.certificates.from.cacerts
V : verbose.output
VALIDITY : validity.number.of.days
0 Comments