Java Tools Tutorials - Herong's Tutorial Notes - Version 5.32, by Dr. Herong Yang

Java Tools Tutorials - Herong's Tutorial Notes

∟'keytool' - Public Key Certificate Tool

∟Generating Key Pairs and Self-Signed Certificates

In the first example, I want to try the "keytool -genkey" command option:

C:\herong>keytool -genkey -alias my_home -keystore herong.jks

Enter keystore password:  HerongJKS
What is your first and last name?
  [Unknown]:  Herong Yang
What is the name of your organizational unit?
  [Unknown]:  My Unit
What is the name of your organization?
  [Unknown]:  My Home
What is the name of your City or Locality?
  [Unknown]:  My City
What is the name of your State or Province?
  [Unknown]:  My State
What is the two-letter country code for this unit?
  [Unknown]:  US
Is <CN=Herong Yang, OU=My Unit, O=My Home, L=My City, ST=My State, 
   C=US> correct?
  [no]:  yes
Enter key password for <my_home>
        (RETURN if same as keystore password):  My1stKey

Based on the documentation, the above example command should do the following for me:

• Create a "keystore" file, herong.jks, in JKS format, with password of "HerongJKS".
• Generate a pair of private key and public key for me using the default implementation of the default security package.
• Generate a certificate chain with a single self-signed certificate of my public key.
• Insert a key entry into the keystore with my private key and the certificate chain.

The following command shows that we do have a key entry in the keystore file:

C:\herong>keytool -list -keystore herong.jks -storepass HerongJKS

Keystore type: jks
Keystore provider: SUN

Your keystore contains 1 entry:

my_home, Sat Jun 1 07:15:16 EDT 2012, keyEntry,
Certificate fingerprint 
   (MD5): BE:D2:AF:4E:A7:44:13:08:16:4C:68:3B:D1:99:79:55

Last update: 2015.

Table of Contents

 About This Book

 Java Tools Terminology

 Installing Java 8 on Windows

 'javac' - The Java Program Compiler

 'java' - The Java Program Launcher

 'jdb' - The Java Debugger

 'jconsole' - Java Monitoring and Management Console

 'jstat' - JVM Statistics Monitoring Tool

 JVM Troubleshooting Tools

 jvisualvm (Java VisualVM) - JVM Visual Tool

 'jar' - The JAR File Tool

 'javap' - The Java Class File Disassembler

►'keytool' - Public Key Certificate Tool

 Certificates and Certificate Chains

 'keystore' - Public Key Certificate Storage File

 JDK 1.5 'keytool' - keystore File Management Commands

 JDK 1.6 'keytool' - keystore File Management Commands

►Generating Key Pairs and Self-Signed Certificates

 Exporting and Import Certificates

 Cloning Certificates with New Identities

 'native2ascii' - Native-to-ASCII Encoding Converter

 Outdated Tutorials

 References

 PDF Printing Version

Generating Key Pairs and Self-Signed Certificates - Updated in 2017, by Dr. Herong Yang