Java KeyTool

Java Keytool is command line utility which are used to generate certificates.  This certificate management utility helps to create pair of key's like private and public key to help communication between server and client through secure channel.

This command line utility can be access from following path JAVA_HOME/bin/ folder.

To run this keytool utility we need to install Java SDK and keep tool.jar and rt.jar in classpath.

Let see what we can do with keytool utility.

  • We can generate java certificates with extension as .jks.

  • These certificates can have public and private keys.

  • We can import and export the certificates.

  • We can list the certificates.

  • We can pint the certificates.

  • We can create Self signed certificates.

  • We can extend the key size of certificates.
  • We delete the old certificates.

Let see what you get when you run ./keytool through command line.

Key and Certificate Management Tool


 -certreq            Generates a certificate request
 -changealias        Changes an entry's alias
 -delete             Deletes an entry
 -exportcert         Exports certificate
 -genkeypair         Generates a key pair
 -genseckey          Generates a secret key
 -gencert            Generates certificate from a certificate request
 -importcert         Imports a certificate or a certificate chain
 -importkeystore     Imports one or all entries from another keystore
 -keypasswd          Changes the key password of an entry
 -list               Lists entries in a keystore
 -printcert          Prints the content of a certificate
 -printcertreq       Prints the content of a certificate request
 -printcrl           Prints the content of a CRL file
 -storepasswd        Changes the store password of a keystore

Use "keytool -command_name -help" for usage of command_name

No comments:

Post a Comment