Shulou(Shulou.com)06/01 Report--

Editor to share with you how to use keytool in Java, I believe most people do not know much about it, so share this article for your reference, I hope you can learn a lot after reading this article, let's go to know it!

Brief introduction of Keytool

Keytool is a key and certificate management tool. It enables users to manage their own public / private key pairs and related certificates for (through digital signature) self-authentication (users authenticate themselves to other users / services) or data integrity and authentication services. This tool is included in versions of JDK 1.4 and is located at "% JAVA_HOME%\ bin\ keytool.exe".

The use of keytool

Keytool is native to java and does not need to be installed after installing java. As a key and certificate management tool, it is convenient for users to manage their own public / private keys and certificates for authentication services.

1. Related concepts

Keystore

Keytool stores the key (key) and certificate (certificates) in the keystore file

The key needs to be stored in the KeyStore

two。 Related command

-alias generates aliases

-keystore specifies the name of the KeyStore (a certificate store like a database, which can have many certificates. Cacerts is a file that comes with jre, and you can also use other file names. If there is no such file name, it will create one)

-storepass specifies the password of the KeyStore

-keypass specifies the password of the alias entry

-list displays certificate information in the KeyStore

-v displays certificate details in the KeyStore

-export exports the certificate specified by the alias to a file

The-file parameter specifies the file name to export to the file

-delete deletes an entry in the KeyStore

-import imports a signed digital certificate into the KeyStore

-keypasswd modifies the password of the specified entry in the KeyStore

-dname specifies the certificate owner information

-keyalg the algorithm for specifying the key

-validity specifies how many days the certificate created is valid

-keysize specifies the key length

two。 Generate KeyStore

When the KeyStore is generated, a key pair is generated, and both the KeyStore and the key pair require a password.

Keytool-genkey-keystore "/ Users/..../tmp/keytool/test.keystore"-alias mytest-keyalg RSA-validity 365

Fill in the relevant information and generate the KeyStore and key pair

Parameter description:

-genkey: generates a key pair (public key and private key)

-keystore: each keytool command has a-keystore option that specifies the name and location of the permanent KeyStore file for the keytool-managed KeyStore. If the-keystore option is not specified, the default KeyStore will be a file named .keystore in the host directory (determined by the "user.home" of the system property). If the file does not exist, it will be created.

-alias: specifies the alias of the key entry, which is public.

-keyalg: the algorithm for specifying the key, such as RSA, DSA (if DSA is not specified by default)

-validity: specifies how many days the created certificate is valid

3. View certificat

Keytool-list-v-keystore test.keystore-storepass 123456

-list lists certificates

-v display details

-keystore specifies the KeyStore

-storepass specifies the decryption password of the KeyStore

-rfc prints the certificate in a coded manner

Keytool-list-rfc-keystore. / test.keystore-storepass 789789

4. Import certificate

Keytool-import-alias test1-file. / test.crt-keystore. / test.keystore-storepass 789789

5. Export certificate

Keytool-export-alias mytest-keystore. / test.keystore-file. / test.crt-storepass 789789

6. Modify the password

Modify the password of the specified entry in the KeyStore

Keytool-keypasswd-aliases to be modified for alias-keypass old password-new new password-storepass keystore password-KeyStore where keystore resides

Change the password of the KeyStore

Keytool-storepasswd-keystore. / yushan.keystore (keystore to change password)-storepass 123456 (original password)-new yushan (new password)

The above is all the contents of the article "how to use keytool in Java". Thank you for reading! I believe we all have a certain understanding, hope to share the content to help you, if you want to learn more knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.