Collections:
Other Resources:
Java "keytool -genkeypair" Command Options
What options are supported by the "keytool -genkeypair" command?
✍: FYIcenter.com
Java Keytool can be used to generate a pair of public key and private key with the "keytool -genkeypair" command, which supports the following options:
C:\Users\fyicenter> keytool -genkeypair -help keytool -genkeypair [OPTION]... Generates a key pair Options: -alias <alias> alias name of the entry to process -keyalg <keyalg> key algorithm name -keysize <keysize> key bit size -sigalg <sigalg> signature algorithm name -destalias <destalias> destination alias -dname <dname> distinguished name -startdate <startdate> certificate validity start date/time -ext <value> X.509 extension -validity <valDays> validity number of days -keypass <arg> key password -keystore <keystore> keystore name -storepass <arg> keystore password -storetype <storetype> keystore type -providername <providername> provider name -providerclass <providerclass> provider class name -providerarg <arg> provider argument -providerpath <pathlist> provider classpath -v verbose output -protected password through protected mechanism Use "keytool -help" for all available commands
Generates a key pair (a public key and associated private key). Wraps the public key into an X.509 v3 self-signed certificate, which is stored as a single-element certificate chain. This certificate chain and the private key are stored in a new keystore entry identified by alias.
keyalg specifies the algorithm to be used to generate the key pair, and keysize specifies the size of each key to be generated. sigalg specifies the algorithm that should be used to sign the self-signed certificate; this algorithm must be compatible with keyalg.
dname specifies the X.500 Distinguished Name to be associated with alias, and is used as the issuer and subject fields in the self-signed certificate. If no distinguished name is provided at the command line, the user will be prompted for one.
keypass is a password used to protect the private key of the generated key pair. If no password is provided, the user is prompted for it. If you press RETURN at the prompt, the key password is set to the same password as that used for the keystore. keypass must be at least 6 characters long.
startdate specifies the issue time of the certificate, also known as the "Not Before" value of the X.509 certificate's Validity field.
valDays specifies the number of days (starting at the date specified by -startdate, or the current date if -startdate is not specified) for which the certificate should be considered valid.
⇒ "keytool -genkeypair" Command Examples - Generate Key Pair
⇐ Managing Certificates with Java Keytool
2012-07-19, 17🔥, 0💬
Popular Posts:
What are distinguished names on certificates? I see "CN=..." on in many certificates. Distinguished ...
Certificate Summary: Subject: www.amazon.co.jp Issuer: VeriSign Class 3 Secure Server CA - G2 Expira...
How to encrypt a file with an RSA public key using OpenSSL "rsautl" command? If you want to encrypt ...
How to generate a new root CA certificate to test the OpenSSL "ca" command? If you need some root CA...
Certificate summary - Owner: *.adnxs.com, "AppNexus, Inc", L=New York, ST=New York, US, SERIALNUMBER...