Java "keytool -gencert" Command Options
What options are supported by the "keytool -gencert" command?
✍: FYIcenter.com
Java Keytool can be used to sign a CSR (Certificate Signing Request) file
using the "keytool -gencert" command, which supports the following options:
C:Usersfyicenter> keytool -gencert -help keytool -gencert [OPTION]... Generates certificate from a certificate request Options: -rfc output in RFC style -infile <filename> input file name -outfile <filename> output file name -alias <alias> alias name of the entry to process -sigalg <sigalg> signature algorithm name -dname <dname> distinguished name -startdate <startdate> certificate validity start date/time -ext <value> X.509 extension -validity <valDays> validity number of days -keypass <arg> key password -keystore <keystore> keystore name -storepass <arg> keystore password -storetype <storetype> keystore type -providername <providername> provider name -providerclass <providerclass> provider class name -providerarg <arg> provider argument -providerpath <pathlist> provider classpath -v verbose output -protected password through protected mechanism Use "keytool -help" for all available commands
The "keytool -gencert" command generates a certificate as a response to a certificate request file (which can be created by the keytool -certreq command). The command reads the request from infile (if omitted, from the standard input), signs it using alias's private key, and output the X.509 certificate into outfile (if omitted, to the standard output). If -rfc is specified, output format is BASE64-encoded PEM; otherwise, a binary DER is created.
sigalg specifies the algorithm that should be used to sign the certificate. startdate is the start time/date that the certificate is valid. valDays tells the number of days for which the certificate should be considered valid.
If dname is provided, it's used as the subject of the generated certificate. Otherwise, the one from the certificate request is used.
ext shows what X.509 extensions will be embedded in the certificate.
Java Keytool can be used to sign a CSR (Certificate Signing Request) file using the "keytool -gencert" command, which supports the following options:
C:\Users\fyicenter> keytool -gencert -help keytool -gencert [OPTION]... Generates certificate from a certificate request Options: -rfc output in RFC style -infile <filename> input file name -outfile <filename> output file name -alias <alias> alias name of the entry to process -sigalg <sigalg> signature algorithm name -dname <dname> distinguished name -startdate <startdate> certificate validity start date/time -ext <value> X.509 extension -validity <valDays> validity number of days -keypass <arg> key password -keystore <keystore> keystore name -storepass <arg> keystore password -storetype <storetype> keystore type -providername <providername> provider name -providerclass <providerclass> provider class name -providerarg <arg> provider argument -providerpath <pathlist> provider classpath -v verbose output -protected password through protected mechanism Use "keytool -help" for all available commands
The "keytool -gencert" command generates a certificate as a response to a certificate request file (which can be created by the keytool -certreq command). The command reads the request from infile (if omitted, from the standard input), signs it using alias's private key, and output the X.509 certificate into outfile (if omitted, to the standard output). If -rfc is specified, output format is BASE64-encoded PEM; otherwise, a binary DER is created.
sigalg specifies the algorithm that should be used to sign the certificate. startdate is the start time/date that the certificate is valid. valDays tells the number of days for which the certificate should be considered valid.
If dname is provided, it's used as the subject of the generated certificate. Otherwise, the one from the certificate request is used.
ext shows what X.509 extensions will be embedded in the certificate.
⇒ "keytool -gencert" Command Examples - Sign CSR
⇐ "keytool -printcertreq" Command Examples - Print CSR Info
2012-07-21, 12133👍, 0💬
Related Topics:
💬 2017-05-04 Dee: Sweet thats worked- thanks
💬 2017-04-04 Doug: Just what I was looking for, thank you!
