This section provides a tutorial example on how to generat private and public key pairs and self-signed certificates.
In the first example, I want to try the "-genkey" command option using JDK 1.3.1:
C:\herong>keytool -genkey -alias my_home -keystore herong.jks
Enter keystore password: HerongJKS
What is your first and last name?
[Unknown]: Herong Yang
What is the name of your organizational unit?
[Unknown]: My Unit
What is the name of your organization?
[Unknown]: My Home
What is the name of your City or Locality?
[Unknown]: My City
What is the name of your State or Province?
[Unknown]: My State
What is the two-letter country code for this unit?
[Unknown]: US
Is <CN=Herong Yang, OU=My Unit, O=My Home, L=My City, ST=My State,
C=US> correct?
[no]: yes
Enter key password for <my_home>
(RETURN if same as keystore password): My1stKey
Based on the documentation, the above example command should do the following for me:
Create a "keystore" file, herong.jks, in JKS format, with password of "HerongJKS".
Generate a pair of private key and public key for me using the default implementation
of the default security package.
Generate a certificate chain with a single self-signed certificate of my public key.
Insert a key entry into the keystore with my private key and the certificate chain.
The following command shows that we do have a key entry in the keystore file:
C:\herong>keytool -list -keystore herong.jks -storepass HerongJKS
Keystore type: jks
Keystore provider: SUN
Your keystore contains 1 entry:
my_home, Sat Jun 1 07:15:16 EDT 2002, keyEntry,
Certificate fingerprint
(MD5): BE:D2:AF:4E:A7:44:13:08:16:4C:68:3B:D1:99:79:55
