Useful Commands Related to Keytool

These commands can be used while we create, import, export, delete, and/or change certificate in a keystore.

Generate a Java keystore and key pair:

keytool -genkey -alias aliasname -keyalg RSA -keystore keystore.jks -keysize 2048

Generate a certificate signing request (CSR) for an existing Java keystore:

keytool -certreq -alias aliasname -keystore keystore.jks -file domainname.csr

Generate a keystore and self-signed certificate:

keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass password -validity 360 -keysize 2048

View or list the certificate; the command below can be used:

 keytool -list -v -keystore keystore.jks 

Import a root or intermediate CA certificate to an existing Java keystore:

keytool -import -trustcacerts -alias root -file domainname.crt -keystore keystore.jks

Delete a certificate from a Java keytool keystore:

keytool -delete -alias aliasname -keystore keystore.jks

Change a Java keystore password:

keytool -storepasswd -new new_storepass -keystore keystore.jks

Export a certificate from a keystore:

keytool -export -alias aliasname -file filename.crt -keystore keystore.jks

Please do like and subscribe to my youtube channel: If you like this post please follow,share and comment