{"id":5591,"date":"2016-02-04T10:07:47","date_gmt":"2016-02-04T02:07:47","guid":{"rendered":"http:\/\/rmohan.com\/?p=5591"},"modified":"2016-02-04T10:07:47","modified_gmt":"2016-02-04T02:07:47","slug":"keytool-commands","status":"publish","type":"post","link":"https:\/\/mohan.sg\/?p=5591","title":{"rendered":"keytool commands"},"content":{"rendered":"

Public and private keys from a Java Key Store<\/h3>\n
<\/div>\n
\n
Step 1:<\/b> Creating the \u201cpublic-private\u201d key-pair.
\nkeytool<\/b> -genkey -alias client -validity 365 -keystore keystore.jks\u00a0<\/b><\/p>\n

Step 2:<\/b> Validate the \u201cpublic-private\u201d key pair.
\nkeytool<\/b> -list -v -keystore keystore.jks<\/p>\n

Step 3:<\/b> Extract the \u201cpublic key\u201d from the \u201cpublic-private\u201d
\nkeytool<\/b> -export -alias client -keystore keystore.jks -rfc -file public.cert<\/p>\n

Step 4:<\/b> Check the extracted public key (public.cert)
\ntype<\/b> public.cert<\/p>\n

Step 5:<\/b> Time to create the truststore<\/b><\/u> using the public key, which was extracted.
\nkeytool<\/b> -import -alias client -file public.cert -keystore server.truststore
\nkeytool<\/b> -list -v -keystore server.truststore<\/p>\n

Steps Private Keys Export<\/b> <\/u>: It is required to save the private key in the PKCS#12 format
\nand we can convert that to a text file using openssl:
\nStep 1:<\/b> keytool<\/b> -v -importkeystore -srckeystore keystore.jks -srcalias client -destkeystoremyp12file.p12 -deststoretype PKCS12
\nStep 2:<\/b> openssl <\/b>pkcs12 -in myp12file.p12 -out private.pem<\/p>\n

Other Keytool Commands:<\/b><\/u>
\n– keytool -delete -alias client -keystore keystore.jks
\n– keytool -storepasswd -new new_storepass -keystore keystore.jks
\n– keytool -list -v -keystore $JAVA_HOME\/jre\/lib\/security\/cacerts
\n– Import New CA into Trusted Certs
\nkeytool -import -trustcacerts -file \/path\/to\/ca\/ca.pem -alias CA_ALIAS -keystore $JAVA_HOME\/jre\/lib\/security\/cacerts<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

Public and private keys from a Java Key Store Step 1: Creating the \u201cpublic-private\u201d key-pair. keytool -genkey -alias client -validity 365 -keystore keystore.jks <\/p>\n

Step 2: Validate the \u201cpublic-private\u201d key pair. keytool -list -v -keystore keystore.jks<\/p>\n

Step 3: Extract the \u201cpublic key\u201d from the \u201cpublic-private\u201d keytool -export -alias client -keystore keystore.jks -rfc -file public.cert<\/p>\n

Step […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17],"tags":[],"_links":{"self":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/5591"}],"collection":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5591"}],"version-history":[{"count":1,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/5591\/revisions"}],"predecessor-version":[{"id":5592,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/5591\/revisions\/5592"}],"wp:attachment":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5591"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5591"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5591"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}