A) Key Store Generation
1) Generate a Java keystore and key pair
keytool -genkey -alias demo -keyalg RSA -keystore keystore.jks -storepass password
2) Generate a certificate signing request (CSR) for an existing Java keystore
keytool -certreq -alias demo -keystore keystore.jks -storepass password -file demo.csr
3) Generate a keystore and self-signed certificate
keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass password -validity 360
B) Import Certificates
1) Import a root or intermediate CA certificate to an existing Java keystore
keytool -import -trustcacerts -alias root -file test.crt -keystore keystore.jks -storepass password
2) Import a signed primary certificate to an existing Java keystore
keytool -import -trustcacerts -alias demo -file demo.crt -keystore keystore.jks -storepass password
3) Import New CA into Trusted Certs
keytool -import -trustcacerts -file demo.pem -alias CA_ALIAS -keystore $JAVA_HOME/jre/lib/security/cacerts
C) Export Certificates
1) Export a certificate from a keystore
keytool -export -alias demo -file demo.crt -keystore keystore.jks -storepass password
D) Check/List/View
1) Check a stand-alone certificate
keytool -printcert -v -file demo.crt
2) Check which certificates are in a Java keystore
keytool -list -v -keystore keystore.jks -storepass password
3) Check a particular keystore entry using an alias
keytool -list -v -keystore keystore.jks -storepass password -alias demo
E) List Trusted CA Certs
1) keytool -list -v -keystore $JAVA_HOME/jre/lib/security/cacerts
D) Delete Certificates
1) Delete a certificate from a Java Keytool keystore
keytool -delete -alias demo -keystore keystore.jks -storepass password
F) Change Passwords
1) Change a Java keystore password
keytool -storepasswd -new new_storepass -keystore keystore.jks -storepass password
2) Change a private key password
keytool -keypasswd -alias client -keypass old_password -new new_password -keystore client.jks -storepass password
1) Generate a Java keystore and key pair
keytool -genkey -alias demo -keyalg RSA -keystore keystore.jks -storepass password
2) Generate a certificate signing request (CSR) for an existing Java keystore
keytool -certreq -alias demo -keystore keystore.jks -storepass password -file demo.csr
3) Generate a keystore and self-signed certificate
keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass password -validity 360
B) Import Certificates
1) Import a root or intermediate CA certificate to an existing Java keystore
keytool -import -trustcacerts -alias root -file test.crt -keystore keystore.jks -storepass password
2) Import a signed primary certificate to an existing Java keystore
keytool -import -trustcacerts -alias demo -file demo.crt -keystore keystore.jks -storepass password
3) Import New CA into Trusted Certs
keytool -import -trustcacerts -file demo.pem -alias CA_ALIAS -keystore $JAVA_HOME/jre/lib/security/cacerts
C) Export Certificates
1) Export a certificate from a keystore
keytool -export -alias demo -file demo.crt -keystore keystore.jks -storepass password
D) Check/List/View
1) Check a stand-alone certificate
keytool -printcert -v -file demo.crt
2) Check which certificates are in a Java keystore
keytool -list -v -keystore keystore.jks -storepass password
3) Check a particular keystore entry using an alias
keytool -list -v -keystore keystore.jks -storepass password -alias demo
E) List Trusted CA Certs
1) keytool -list -v -keystore $JAVA_HOME/jre/lib/security/cacerts
D) Delete Certificates
1) Delete a certificate from a Java Keytool keystore
keytool -delete -alias demo -keystore keystore.jks -storepass password
F) Change Passwords
1) Change a Java keystore password
keytool -storepasswd -new new_storepass -keystore keystore.jks -storepass password
2) Change a private key password
keytool -keypasswd -alias client -keypass old_password -new new_password -keystore client.jks -storepass password
No comments:
Post a Comment