keytool is Key and Certificate Management Tool. It is provided by development package e.g. java-1.6.0-sun-devel-1.6.0.85-1jpp.2.el6.x86_64
Java KeyStore file is /etc/alternatives/java_sdk/jre/lib/security/cacerts (/etc/alternatives/java_sdk is link to default java base directory e.g. /usr/lib/jvm/java-1.6.0-sun.x86_64/ ). keytool utility is used to interact with this binary keystore database file.
--find existing certificate alias
# keytool -keystore /etc/alternatives/java_sdk/jre/lib/security/cacerts -list \
-storepass changeit
--delete an exising alias
$ keytool -keystore /etc/alternatives/java_sdk/jre/lib/security/cacerts -delete \
-alias -storepass changeit
--import a certificate
$ keytool -import -noprompt -trustcacerts \
-alias \
-file /var/tmp/your.company.com.crt \
-keystore /etc/alternatives/java_sdk/jre/lib/security/cacerts \
-storepass changeit
--display details of certificate
$ keytool -list -v -keystore /etc/alternatives/java_sdk/jre/lib/security/cacerts \
-alias
-storepass changeit
(changeit - your keystore password)
Reference:
https://www.sslshopper.com/article-most-common-java-keytool-keystore-commands.html
Java KeyStore file is /etc/alternatives/java_sdk/jre/lib/security/cacerts (/etc/alternatives/java_sdk is link to default java base directory e.g. /usr/lib/jvm/java-1.6.0-sun.x86_64/ ). keytool utility is used to interact with this binary keystore database file.
How to find currently installed certificate, delete a certificate and import new one
--find existing certificate alias
# keytool -keystore /etc/alternatives/java_sdk/jre/lib/security/cacerts -list \
-storepass changeit
--delete an exising alias
$ keytool -keystore /etc/alternatives/java_sdk/jre/lib/security/cacerts -delete \
-alias
--import a certificate
$ keytool -import -noprompt -trustcacerts \
-alias
-file /var/tmp/your.company.com.crt \
-keystore /etc/alternatives/java_sdk/jre/lib/security/cacerts \
-storepass changeit
--display details of certificate
$ keytool -list -v -keystore /etc/alternatives/java_sdk/jre/lib/security/cacerts \
-alias
-storepass changeit
(changeit - your keystore password)
Reference:
https://www.sslshopper.com/article-most-common-java-keytool-keystore-commands.html
No comments:
Post a Comment