Saturday, December 16, 2017

Java Key Store commands

List certificates in Java key store

C:\Program Files\Java\jdk1.8.0_144\jre\lib\security>keytool -list -keystore cacerts
keytool -list -v -keystore c:/users/Xyz/selfsignedXyz.jks

Generate key pair
keytool -genkey -keyalg RSA -alias XyzTestCertAlias -keystore cacerts -validity 365 -keystore c:/users/Xyz/selfsignedXyz.jks

extract public key to cert file
keytool -export -alias XyzTestCertAlias -keystore c:/users/Xyz/selfsignedXyz.jks -rfc -file c:/users/Xyz/XyzTestCert.cert

extract private key - 2 steps
keytool -v -importkeystore -srckeystore c:/users/Xyz/selfsignedXyz.jks -srcalias XyzTestCertAlias -destkeystore c:/users/Xyz/myp12file.p12 -deststoretype PKCS12

openssl pkcs12 -in c:/users/Xyz/myp12file.p12 -out c:/users/Xyz/private.pem

No comments: