Keytool Operations: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
Line 11: Line 11:
A [[Public_Key_Security#Key_Pair|key pair]] can be generated and placed in the keystore with the following command:
A [[Public_Key_Security#Key_Pair|key pair]] can be generated and placed in the keystore with the following command:


  keytool -genkeypair -alias jce-provider-signing-key -keyalg DSA -keysize 1024 -dname "cn=Nova Ordis LLC, ou=Java Software Code Signing, o=Sun Microsystems Inc" -keystore jce-provider-signing-keystore.jks -storepass n7ejfh2jef234rBe
  keytool \
    -genkeypair \
    -alias jce-provider-signing-key \
    -keyalg DSA \
    -keysize 1024 \
    -dname "cn=Nova Ordis LLC, ou=Java Software Code Signing, o=Sun Microsystems Inc" \
    -keystore ./test-keystore.jks \
    -storepass n7ejfh2jef234rBe


=Generate a Certificate Signing Request=
=Generate a Certificate Signing Request=

Revision as of 05:35, 8 April 2018

External

Internal

Generate a Public/Private Key Pair

A key pair can be generated and placed in the keystore with the following command:

keytool \
   -genkeypair \
   -alias jce-provider-signing-key \
   -keyalg DSA \
   -keysize 1024 \
   -dname "cn=Nova Ordis LLC, ou=Java Software Code Signing, o=Sun Microsystems Inc" \
   -keystore ./test-keystore.jks \
   -storepass n7ejfh2jef234rBe

Generate a Certificate Signing Request

A certificate signing request can be generated with the following command:

keytool -certreq -alias jce-provider-signing-key -file novaordis-jce-provider2.csr -keystore ./jce-provider-signing-keystore.jks -storepass n7ejfh2jef234rBe

Inspect the Certificate

The certificate data can be displayed with:

keytool -printcert -v -file ./test-cert.pem

It accepts certificates in PEM format.