Can somebody please explain me the difference between keytool command genkey and selfcert, where I googled and I got both will generate self signed certificate, whats the difference then ?
How can I sign a CSR with a certificate using keytool command ?
Thanks in advance.
genkey creates both a key and a cert. selfcert replaces the cert for an existing key with a new self-cert. Do this when your old cert has expired. If you want to sign it with a different cert (maybe from a CA) use import.
I will first assume that you have generated the CSR and sent it across to a CA. The CA returns back the certificate that you can importcert back into the keystore for the same alias for which you generated the CSR.
So in short:
keytool -v -importcert -keystore mykeystore.jks -alias mycertalias -file CASignedCert.cer -trustcacerts
