Java Tools Tutorials - Herong's Tutorial Notes - Version 5.32, by Dr. Herong Yang
Generating Key Pairs and Self-Signed Certificates
This section provides a tutorial example on how to generate private and public key pairs and self-signed certificates.
In the first example, I want to try the "keytool -genkey" command option:
C:\herong>keytool -genkey -alias my_home -keystore herong.jks Enter keystore password: HerongJKS What is your first and last name? [Unknown]: Herong Yang What is the name of your organizational unit? [Unknown]: My Unit What is the name of your organization? [Unknown]: My Home What is the name of your City or Locality? [Unknown]: My City What is the name of your State or Province? [Unknown]: My State What is the two-letter country code for this unit? [Unknown]: US Is <CN=Herong Yang, OU=My Unit, O=My Home, L=My City, ST=My State, C=US> correct? [no]: yes Enter key password for <my_home> (RETURN if same as keystore password): My1stKey
Based on the documentation, the above example command should do the following for me:
The following command shows that we do have a key entry in the keystore file:
C:\herong>keytool -list -keystore herong.jks -storepass HerongJKS Keystore type: jks Keystore provider: SUN Your keystore contains 1 entry: my_home, Sat Jun 1 07:15:16 EDT 2012, keyEntry, Certificate fingerprint (MD5): BE:D2:AF:4E:A7:44:13:08:16:4C:68:3B:D1:99:79:55
Last update: 2015.
Table of Contents
'javac' - The Java Program Compiler
'java' - The Java Program Launcher
'jconsole' - Java Monitoring and Management Console
'jstat' - JVM Statistics Monitoring Tool
jvisualvm (Java VisualVM) - JVM Visual Tool
'javap' - The Java Class File Disassembler
►'keytool' - Public Key Certificate Tool
Certificates and Certificate Chains
'keystore' - Public Key Certificate Storage File
JDK 1.5 'keytool' - keystore File Management Commands
JDK 1.6 'keytool' - keystore File Management Commands
►Generating Key Pairs and Self-Signed Certificates
Exporting and Import Certificates
Cloning Certificates with New Identities