Stack Overflow
Stack Overflow

Questions tagged [keytool]

Key and Certificate Management Tool: manages a keystore (database) of cryptographic keys, X.509 certificate chains, and trusted certificates.

Keytool is a key and certificate management utility. It allows users to administer their own public/private key pairs and associated certificates for use in self-authentication (where the user authenticates himself/herself to other users/services) or data integrity and authentication services, using digital signatures. It also allows users to cache the public keys (in the form of certificates) of their communicating peers.

1325 questions
9
votes
1 answer

Add e-mail to CSR generated with keytool

As per this : http://en.wikipedia.org/wiki/Certificate_signing_request the CSR can contain an email address. My question is how can I add such e-mail address field considering I`m generating the CSR with keytool ? Thank you.
Sergiu
  • 2,502
  • 6
  • 35
  • 57
9
votes
1 answer

How to reset keystores when you do not know their password?

For some reason I got this message: keytool error: java.io.IOException: Keystore was tampered with, or password was incorrect I know that I cannot "repair" the keystore, but I want to reset the keystore, but don't know how to do it, especially…
sorin
  • 161,544
  • 178
  • 535
  • 806
8
votes
3 answers

Keytool generates SHA1 fingerprint instead of MD5?

I want to use Google Maps in my application, I have followed this tutorial to generate MD5 fingerprint of my eventappkey.keystore. But keytool generates SHA1 fingerprint instead of MD5, due to which I am unable to register for Google Api as google…
Muhammad Nabeel Arif
  • 19,140
  • 8
  • 51
  • 70
8
votes
2 answers

Either remove or automatically enter pem passphrase for haproxy ssl; Chrome still warns about CA not signed

I recently received a signed certificate to use with haproxy SSL termination. In order for haproxy to use this, I needed to convert the jks file to a pem file. First, I converted the cer files I received into crt, as I had a previous error where…
SVill
  • 331
  • 5
  • 22
  • 55
8
votes
3 answers

Cert validation path error when debugging in Android Studio

I just generated the sample app from https://flutter.dev/docs/get-started/codelab When i hit the debug button in Android Studio i get the following error: Exception in thread "main" javax.net.ssl.SSLHandshakeException:…
José Cousiño
  • 399
  • 1
  • 6
  • 15
8
votes
1 answer

java keystore and password settings

I have the following question on java keystores and keytool. I assume that a keystore may have more than 1 certificates. As I have tried, via keytool I can create a keystore, and to access this keystore I have to set a password. Also to access each…
Cratylus
  • 52,998
  • 69
  • 209
  • 339
8
votes
2 answers

Trying to refresh 'expired' keystore

I am trying to re-sign some jars using the ant task 'signjar' however it's telling me "The signer certificate has expired." So I tried to re-generate the keystore hoping this would 'un-expire' it... keytool -genkey -keystore mykeystore -alias…
pstanton
  • 35,033
  • 24
  • 126
  • 168
8
votes
1 answer

Renew certificate with Java Keytool - reuse old CSR?

I have an SSL certificate in a Java keystore. It's going to expire in a week or so and I need to renew it. Can I reuse the previous CSR (which the CA still have) and then import the certificate using the import command or do I need to generate a…
Brian Beckett
  • 4,742
  • 6
  • 33
  • 52
8
votes
2 answers

Sign application with several certificates

From the signing documentation at https://developer.android.com/studio/publish/index.html: When the system is installing an update to an application, if any of the certificates in the new version match any of the certificates in the old version,…
user139992
8
votes
3 answers

java.security.SignatureException: Signature does not match

I created a java keystore with name cloudsslkeystore.jks keytool -genkeypair -validity 730 -alias cloudsslkey -keystore cloudsslkeystore.jks -dname "cn=localhost" -keypass password -storepass password I exported it as certificate with name…
Himalay Majumdar
  • 3,883
  • 14
  • 65
  • 94
8
votes
1 answer

How to create pkcs12 truststore using openssl

I can export a Java truststore (JKS file with only certificates, no private key), using the keytool command to a p12 file: keytool -importkeystore -srckeystore truststore.jks -destkeystore truststore.p12 -deststoretype PKCS12 However, I can't seem…
Matt Hughes
  • 1,458
  • 2
  • 14
  • 17
8
votes
2 answers

How to update a Tomcat keystore with a renewed SSL certificate?

About a year ago I got an SSL certificate from GoDaddy and installed it on a Tomcat server following their instructions. No issues. The certificate is about to expire so I renewed it. GoDaddy sent me three .cer files. I can't figure out what to do…
user332000
  • 187
  • 1
  • 1
  • 9
8
votes
3 answers

Using a self-signed certificate

I am just trying to get my head around SSL. I have set up a Jetty server on my localhost, and generated my own certificate using Keytool. Now when I go to https://localhost:8443/ I get the can't trust this certificate error. I use keytool -export…
Mongus Pong
  • 11,337
  • 9
  • 44
  • 72
8
votes
1 answer

Not able to load P7B file into keystore file

I received a new certificate in crt / cert format. When I open this file in a text editor they added the complete certificate chain to this file. Each certificate starts with: -----BEGIN CERTIFICATE----- And ends with: -----END…
Mark Veenstra
  • 4,691
  • 6
  • 35
  • 66
8
votes
3 answers

cacerts.bks does not exist

I have rooted my Android (4.0.4) phone and installed an app which proxies all HTTP traffic through my computer. This works fine and I can see and modify all HTTP requests. But HTTPS-traffic does not pass through. I have exported the certificate of…
1' OR 1 --
  • 1,694
  • 1
  • 16
  • 32
1 2 3
88 89