API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Aug 23rd, 2019
141
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.77 KB | None | 0 0
raw download clone embed print report
  1. # Keytool
  2.  
  3. ### Creation and importing
  4. Generate a Java keystore and key pair
  5. ```
  6. keytool -keystore keystore.jks -genkeypair -keyalg RSA -keysize 2048 -alias server -validity 3650 -deststoretype pkcs12
  7. ```
  8.  
  9. Generate a Java keystore and key pair and include Distinguished Name as one-liner and the Extensions
  10. ```
  11. keytool -keystore keystore.jks -genkeypair -keyalg RSA -keysize 2048 -alias server -dname "CN=Hakan,OU=Amsterdam,O=Luminis,C=NL" -ext "SAN:c=DNS:localhost,IP:127.0.0.1" -validity 3650 -deststoretype pkcs12
  12. ```
  13.  
  14. Generate a Java keystore and import a certificate
  15. ```
  16. keytool -keystore truststore.jks -importcert -file server.crt -alias server
  17. ```
  18.  
  19. Generate a certificate signing request (CSR) for an existing Java keystore
  20. ```
  21. keytool -certreq -keystore keystore.jks -alias server -keyalg rsa -file server.csr
  22. ```
  23.  
  24. Import a root or intermediate CA certificate to an existing Java keystore
  25. ```
  26. keytool -import -trustcacerts -alias my-newly-trusted-ca -file root-ca.crt -keystore keystore.jks
  27. ```
  28.  
  29. ### Checking
  30. Check a stand-alone certificate
  31. ```
  32. keytool -printcert -v -file server.crt
  33. ```
  34.  
  35. Check which certificates are in a Java keystore
  36. ```
  37. keytool -list -v -keystore keystore.jks
  38. ```
  39.  
  40. Check a particular keystore entry using an alias
  41. ```
  42. keytool -list -v -keystore keystore.jks -alias server
  43. ```
  44.  
  45. ### Other commands
  46. Delete a certificate from a Java keystore
  47. ```
  48. keytool -delete -alias server -keystore keystore.jks
  49. ```
  50.  
  51. Change a Java keystore password
  52. ```
  53. keytool -storepasswd -keystore keystore.jks
  54. ```
  55.  
  56. ### Exporting
  57. Export a certificate to a .crt file
  58. ```
  59. keytool -exportcert -keystore keystore.jks -alias server -rfc -file server.crt
  60. ```
  61.  
  62. Export Java keystore to a .p12 file
  63. ```
  64. keytool -importkeystore -srckeystore keystore.jks -destkeystore keystore.p12 -srcstoretype jks -deststoretype pkcs12
  65. ```
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!