Currently there are three ways to generate the Keystores through command line using Keytool or jarsigner and through GUI we can use policytool.
Lets take a look more details on Keytool command. To execute the keytool we required rt.jar and tools.jar.
rt.jar will be under JAVA_HOME/jre/lib directory and tools.jar can be find under JAVA_HOME/lib.
keytool utility is run thorugh following class "KeyTool" and package is "sun.security.tools" and its class type is final.
eg:
package sun.security.tools;
public final class KeyTool
{
}
Find few important commands under KeyTool class.
CERTREQ : Generates.a.certificate.request
CHANGEALIAS : Changes.an.entry.s.alias
DELETE : Deletes.an.entry
EXPORTCERT : Exports.certificate
GENKEYPAIR : Generates.a.key.pair
GENSECKEY : Generates.a.secret.key
GENCERT : Generates.certificate.from.a.certificate.request
IMPORTCERT : Imports.a.certificate.or.a.certificate.chain
IMPORTKEYSTORE : Imports.one.or.all.entries.from.another.keystore
KEYPASSWD : Changes.the.key.password.of.an.entry
LIST : Lists.entries.in.a.keystore
PRINTCERT : Prints.the.content.of.a.certificate
PRINTCERTREQ : Prints.the.content.of.a.certificate.request
PRINTCRL : Prints.the.content.of.a.CRL.file
STOREPASSWD : Changes.the.store.password.of.a.keystore
KEYCLONE : Clones.a.key.entry
SELFCERT : Generates.a.self.signed.certificate
GENCRL : Generates.CRL
IDENTITYDB : Imports.entries.from.a.JDK.1.1.x.style.identity.database
Find few important Options under KeyTool class.
ALIAS : alias.name.of.the.entry.to.process
DESTALIAS : destination.alias
DESTKEYPASS : destination.key.password
DESTKEYSTORE : destination.keystore.name
DESTPROTECTED : destination.keystore.password.protected
DESTPROVIDERNAME : destination.keystore.provider.name
DESTSTOREPASS : destination.keystore.password
DESTSTORETYPE : destination.keystore.type
DNAME : distinguished.name
EXT : X.509.extension
FILEOUT: output.file.name
FILEIN : input.file.name
ID : Serial.ID.of.cert.to.revoke
INFILE : input.file.name
KEYALG : key.algorithm.name
KEYPASS : key.password
KEYSIZE : key.bit.size
KEYSTORE : keystore.name
NEW : new.password
NOPROMPT : do.not.prompt
OUTFILE output.file.name
PROTECTED : password.through.protected.mechanism
PROVIDERARG : provider.argument
PROVIDERCLASS : provider.class.name
PROVIDERNAME : provider.name
PROVIDERPATH provider.classpath
RFC : output.in.RFC.style
SIGALG: signature.algorithm.name
SRCALIAS : source.alias
SRCKEYPASS : source.key.password
SRCKEYSTORE : source.keystore.name
SRCPROTECTED : source.keystore.password.protected
SRCPROVIDERNAME : source.keystore.provider.name
SRCSTOREPASS : source.keystore.password
SRCSTORETYPE : source.keystore.type
SSLSERVER : SSL.server.host.and.port
JARFILE : signed.jar.file
STARTDATE : certificate.validity.start.date.time
STOREPASS : keystore.password
STORETYPE : keystore.type
TRUSTCACERTS : trust.certificates.from.cacerts
V : verbose.output
VALIDITY : validity.number.of.days
Lets take a look more details on Keytool command. To execute the keytool we required rt.jar and tools.jar.
rt.jar will be under JAVA_HOME/jre/lib directory and tools.jar can be find under JAVA_HOME/lib.
keytool utility is run thorugh following class "KeyTool" and package is "sun.security.tools" and its class type is final.
eg:
package sun.security.tools;
public final class KeyTool
{
}
Find few important commands under KeyTool class.
CERTREQ : Generates.a.certificate.request
CHANGEALIAS : Changes.an.entry.s.alias
DELETE : Deletes.an.entry
EXPORTCERT : Exports.certificate
GENKEYPAIR : Generates.a.key.pair
GENSECKEY : Generates.a.secret.key
GENCERT : Generates.certificate.from.a.certificate.request
IMPORTCERT : Imports.a.certificate.or.a.certificate.chain
IMPORTKEYSTORE : Imports.one.or.all.entries.from.another.keystore
KEYPASSWD : Changes.the.key.password.of.an.entry
LIST : Lists.entries.in.a.keystore
PRINTCERT : Prints.the.content.of.a.certificate
PRINTCERTREQ : Prints.the.content.of.a.certificate.request
PRINTCRL : Prints.the.content.of.a.CRL.file
STOREPASSWD : Changes.the.store.password.of.a.keystore
KEYCLONE : Clones.a.key.entry
SELFCERT : Generates.a.self.signed.certificate
GENCRL : Generates.CRL
IDENTITYDB : Imports.entries.from.a.JDK.1.1.x.style.identity.database
Find few important Options under KeyTool class.
ALIAS : alias.name.of.the.entry.to.process
DESTALIAS : destination.alias
DESTKEYPASS : destination.key.password
DESTKEYSTORE : destination.keystore.name
DESTPROTECTED : destination.keystore.password.protected
DESTPROVIDERNAME : destination.keystore.provider.name
DESTSTOREPASS : destination.keystore.password
DESTSTORETYPE : destination.keystore.type
DNAME : distinguished.name
EXT : X.509.extension
FILEOUT: output.file.name
FILEIN : input.file.name
ID : Serial.ID.of.cert.to.revoke
INFILE : input.file.name
KEYALG : key.algorithm.name
KEYPASS : key.password
KEYSIZE : key.bit.size
KEYSTORE : keystore.name
NEW : new.password
NOPROMPT : do.not.prompt
OUTFILE output.file.name
PROTECTED : password.through.protected.mechanism
PROVIDERARG : provider.argument
PROVIDERCLASS : provider.class.name
PROVIDERNAME : provider.name
PROVIDERPATH provider.classpath
RFC : output.in.RFC.style
SIGALG: signature.algorithm.name
SRCALIAS : source.alias
SRCKEYPASS : source.key.password
SRCKEYSTORE : source.keystore.name
SRCPROTECTED : source.keystore.password.protected
SRCPROVIDERNAME : source.keystore.provider.name
SRCSTOREPASS : source.keystore.password
SRCSTORETYPE : source.keystore.type
SSLSERVER : SSL.server.host.and.port
JARFILE : signed.jar.file
STARTDATE : certificate.validity.start.date.time
STOREPASS : keystore.password
STORETYPE : keystore.type
TRUSTCACERTS : trust.certificates.from.cacerts
V : verbose.output
VALIDITY : validity.number.of.days
0 Comments