"keytool -importcert" Command Examples - Save Certificate to Keystore


How to use the "keytool -importcert" command? I have a certificate downloaded from a Web site and want to save it in a keystore file.

✍: FYIcenter.com


Here is an example of using "keytool -exportcert" command to save the www.facebook.com certifcate into the default keystore file:

C:\Users\fyicenter>"\Program Files\java\jre7\bin\keytool" -importcert
-storepass FYIcenter -alias facebook_cert -file facebook_cert.pem -noprompt

Certificate was added to keystore

C:\Users\fyicenter>"\Program Files\java\jre7\bin\keytool" -list
-storepass FYIcenter

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 3 entries

facebook_cert, Jul 14, 2012, trustedCertEntry,
Certificate fingerprint (SHA1):
2ndkey, Jul 14, 2012, PrivateKeyEntry,
Certificate fingerprint (SHA1):
mykey, Jul 13, 2012, PrivateKeyEntry,
Certificate fingerprint (SHA1):

What the "keytool -importcert" command shown above did for you:

  • Read the certificate from "facebook_cert.pem" file.
  • Save the certificate in the default keystore file: C:\Users\fyicenter\.keystore as a "trustedCertEntry" entry with alias of "facebook_cert".
C:Usersfyicenter>"Program Filesjavajre7inkeytool" -importcert -storepass FYIcenter -alias facebook_cert -file facebook_cert.pem -noprompt Ce

2012-07-20, 14813👍, 0💬