"keytool -exportcert" Command Examples - Exporting Certificate

Q

How to use the "keytool -exportcert" command? I want to export a certificate out of a keystore file and send it to someone else.

✍: FYIcenter.com

A

Here is an example of using "keytool -exportcert" command to export the self-signed certificate in the "2ndkey" entry from the default keystore file:

C:\Users\fyicenter>"\Program Files\java\jre7\bin\keytool" -exportcert
-storepass FYIcenter -alias 2ndkey -rfc

-----BEGIN CERTIFICATE-----
MIICljCCAlOgAwIBAgIEDjB/czALBgcqhkjOOAQDBQAwHDEaMBgGA1UEAxMRamFyLmZ5aWNlbnRl
ci5jb20wHhcNMTIwNzE0MTQ1NzUwWhcNMTIxMDEyMTQ1NzUwWjAcMRowGAYDVQQDExFqYXIuZnlp
Y2VudGVyLmNvbTCCAbgwggEsBgcqhkjOOAQBMIIBHwKBgQD9f1OBHXUSKVLfSpwu7OTn9hG3Ujzv
RADDHj+AtlEmaUVdQCJR+1k9jVj6v8X1ujD2y5tVbNeBO4AdNG/yZmC3a5lQpaSfn+gEexAiwk+7
qdf+t8Yb+DtX58aophUPBPuD9tPFHsMCNVQTWhaRMvZ1864rYdcq7/IiAxmd0UgBxwIVAJdgUI8V
IwvMspK5gqLrhAvwWBz1AoGBAPfhoIXWmz3ey7yrXDa4V7l5lK+7+jrqgvlXTAs9B4JnUVlXjrrU
WU/mcQcQgYC0SRZxI+hMKBYTt88JMozIpuE8FnqLVHyNKOCjrh4rs6Z1kW6jfwv6ITVi8ftiegEk
O8yk8b6oUZCJqIPf4VrlnwaSi2ZegHtVJWQBTDv+z0kqA4GFAAKBgQCMAAHeafDPryQlNzBgpFfM
Rki5h0611+a1KDeg5FCm3Ht/LHKfcOois4xSPCu9PT9zng/PfIvt8PHVuBlhWAq27KcKiobn5iQQ
5u6R4UHfFiBw/hedaYW5ORAD+dkm7sdlMS3bRPMRHaR4M7k2YsGLISnxTOwlwPpyaFh4zdpcJaMh
MB8wHQYDVR0OBBYEFHJc0nfU0Dq5M7Ab7vgthIcyWCvbMAsGByqGSM44BAMFAAMwADAtAhROGKfr
4tXO7Jy8edfL1jAkTCk/EgIVAJPZEZ1H/0wbeHA74zPfK8I+w9ab
-----END CERTIFICATE-----

What this command did for you:

  • Open the default keystore file in your home folder: C:\Users\fyicenter\.keystore.
  • Read the certificate stored in the "2ndkey" entry.
  • Export the certificate in "rfc" format (Base64 encoded binary data).

If you want to save the certificate in a file, you can use the "-file" option:

C:\Users\fyicenter>"\Program Files\java\jre7\bin\keytool" -exportcert
-storepass FYIcenter -alias 2ndkey -rfc -file 2nd_cert.pem

Certificate stored in file <2nd_cert.pem>

2012-07-19, 10527👍, 0💬