Cloning Certificates with New Identities
<< 'keytool' - Public Key Certificate Tool
<< Java Tool Tutorials - Herong's Tutorial Notes
This section provides a tutorial example on how to clone a certificates stored in a 'keystore' file using 'keytool'.
In the third example, I want to create a new key entry with the same key pair of an existing key entry, but change the identity information:
C:\herong>keytool -keyclone -alias my_home -dest my_copy -keypass My1stKey -new My2ndKey -keystore herong.jks -storepass HerongJKS C:\herong>keytool -selfcert -alias my_copy -keypass My2ndKey -dname "cn=Herong Yang, ou=My Unit 2, o=My Organization 2, c=US" -keystore herong.jks -storepass HerongJKS C:\herong>keytool -export -alias my_copy -file my_copy.crt -keystore herong.jks -storepass HerongJKS Certificate stored in file <my_copy.crt> C:\herong>keytool -printcert -file my_copy.crt Owner: CN=Herong Yang, OU=My Unit 2, O=My Organization 2, C=US Issuer: CN=Herong Yang, OU=My Unit 2, O=My Organization 2, C=US Serial number: 40798b4f Valid from: Sat Jun 1 14:15:43 EDT 2002 until: Sat Aug 31 14:15:43... Certificate fingerprints: MD5: 4A:E4:D9:BC:E9:8C:50:27:6C:00:59:76:D1:14:05:79 SHA1: FA:F5:30:78:22:3B:52:28:0D:41:24:0B:CA:CC:6F:D4:0E:...
Sections in This Chapter
Certificates and Certificate Chains
'keystore' - Public Key Certificate Storage File
JDK 1.5 'keytool' - keystore File Management Commands
JDK 1.6 'keytool' - keystore File Management Commands
Generating Key Pairs and Self-Signed Certificates
Exporting and Import Certificates
