Java "keytool -list" Command Options


What options are supported by the "keytool -list" command?



Java Keytool can be used to manage certificates and private keys saved in a keystore file. The first you need to know is the "keytool -list command, which displays a list of all certificate and private key entries in a keystore file.

The "keytool -list" command supports the following options:

C:\Users\fyicenter> keytool -list -help

keytool -list [OPTION]...

Lists entries in a keystore


 -rfc                            output in RFC style
 -alias <alias>                  alias name of the entry to process
 -keystore <keystore>            keystore name
 -storepass <arg>                keystore password
 -storetype <storetype>          keystore type
 -providername <providername>    provider name
 -providerclass <providerclass>  provider class name
 -providerarg <arg>              provider argument
 -providerpath <pathlist>        provider classpath
 -v                              verbose output
 -protected                      password through protected mechanism

Use "keytool -help" for all available commands

The "keytool -list" command prints (to stdout) the contents of the keystore entry identified by alias. If no alias is specified, the contents of the entire keystore are printed.

This command by default prints the SHA1 fingerprint of a certificate. If the -v option is specified, the certificate is printed in human-readable format, with additional information such as the owner, issuer, serial number, and any extensions. If the -rfc option is specified, certificate contents are printed using the printable encoding format, as defined by the Internet RFC 1421 standard

You cannot specify both -v and -rfc.


"keytool -list" Command Examples - List Keystore Entries

"keytool -exportcert" Command Examples - Exporting Certificate

Managing Certificates with Java Keytool

⇑⇑ Java Keytool: Certificate Management Tool

2016-06-27, 41078🔥, 2💬