LinuxCommandLibrary

keytool

TLDR

Generate key pair

$ keytool -genkeypair -alias [mykey] -keystore [keystore.jks]
copy
List keystore contents
$ keytool -list -keystore [keystore.jks]
copy
Export certificate
$ keytool -exportcert -alias [mykey] -keystore [keystore.jks] -file [cert.cer]
copy
Import certificate
$ keytool -importcert -alias [trusted] -file [cert.cer] -keystore [keystore.jks]
copy
Change keystore password
$ keytool -storepasswd -keystore [keystore.jks]
copy
Delete entry
$ keytool -delete -alias [mykey] -keystore [keystore.jks]
copy

SYNOPSIS

keytool command [options]

DESCRIPTION

keytool manages Java keystores and certificates. It generates keys, imports/exports certificates, and manages trust stores.
The tool is essential for SSL/TLS configuration. It handles keystore formats like JKS and PKCS12.
keytool manages Java certificates.

PARAMETERS

-genkeypair

Generate key pair.
-list
List keystore entries.
-exportcert
Export certificate.
-importcert
Import certificate.
-alias NAME
Entry alias.
-keystore FILE
Keystore file.
-storepass PASS
Keystore password.
--help
Display help information.

CAVEATS

Part of JDK. Password management important. Multiple keystore formats.

HISTORY

keytool has been part of the JDK since early versions, providing certificate and key management for Java applications.

SEE ALSO

openssl(1), java(1), jarsigner(1)

Copied to clipboard