Stack Overflow
Stack Overflow

Questions tagged [keytool]

Key and Certificate Management Tool: manages a keystore (database) of cryptographic keys, X.509 certificate chains, and trusted certificates.

Keytool is a key and certificate management utility. It allows users to administer their own public/private key pairs and associated certificates for use in self-authentication (where the user authenticates himself/herself to other users/services) or data integrity and authentication services, using digital signatures. It also allows users to cache the public keys (in the form of certificates) of their communicating peers.

1325 questions
129
votes
2 answers

Add Self Signed Certificate without promting Yes/No from User

Using some batch file, I want to add the untrusted self signed certificate within Java Keystore. Command is %JAVA_HOME%/bin/keytool -import -v -trustcacerts -alias server-alias -file server.cer -keystore cacerts.jks -keypass changeit -storepass…
Arun Kumar
  • 6,534
  • 13
  • 40
  • 67
108
votes
6 answers

How can I create keystore from an existing certificate (abc.crt) and abc.key files?

I am trying to import a certificate and a key file into the keystore but I'm unable to do that. How can I create a keystore by importing both an existing certificate (abc.crt) and abc.key files?
Ravi Jain
  • 1,439
  • 3
  • 12
  • 6
78
votes
2 answers

Importing the private-key/public-certificate pair in the Java KeyStore

I used the following steps to create a new Java keystore with a pair of private/public key to be used by a Java (internal) server with TLS. Please notice that the certificate is selfsigned: 1) Generate key with AES256 openssl genrsa -aes256 -out…
kingston
  • 11,053
  • 14
  • 62
  • 116
78
votes
13 answers

keytool error bash: keytool: command not found

I have tried to execute keytool from Java bin directory but I get an error with warning bash: keytool: command not found. root@xxxxxx]# keytool -genkey -alias mypassword -keyalg RSA bash: keytools: command not found
Xcalibur
  • 1,865
  • 1
  • 12
  • 9
75
votes
2 answers

Check android keystore keypass for correctness

I'm automating some things that involve the android keytool and jarsigner. The tool takes a keystore, the password for the keystore, the alias name, and the password for the alias / key, and I'm trying to find a way to explicitly check to see if the…
Narfanator
  • 5,595
  • 3
  • 39
  • 71
69
votes
5 answers

Signing an APK with an upload key provided by Google Play

I'm trying to make sense of how to upload an app onto Google Play while using Google Play App Signing. Here is what I did: Created an app Used keytool.exe to generate a key for that app Uploaded the app to Google Play Enrolled in the Google Play…
Ronald
  • 719
  • 1
  • 6
  • 6
61
votes
5 answers

Certificate chain not found, how to fix and publish to Google Play Store?

ERROR MESSAGE: jarsigner: Certificate chain not found for: project_foo.
project_foo must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain. QUESTION: How do I include a public key…
campbellwarren
  • 660
  • 1
  • 5
  • 11
57
votes
5 answers

Java keytool easy way to add server cert from url/port

I have a server with a self-signed certificate, but also requires client side cert authentication. I am having a rough time trying to get the raw CA server cert so I can import it into a keystore. Anyone have some suggestions on how to easily do…
wuntee
  • 12,170
  • 26
  • 77
  • 106
56
votes
3 answers

How to add subject alternative name to ssl certs?

I'm using openssl to create self-signed certs. I'm getting this error with the certs I generated: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present Does anyone know how to…
Sapphire
  • 1,107
  • 8
  • 20
  • 35
55
votes
5 answers

Change keystore password from no password to a non blank password

I have a jks keystore with no password. When I run the command keytool -list -keystore mykeystore.jks And it prompts me for the keystore password, I simply hit 'enter'. Please note that the keystore password IS NOT the default java password of…
Matthew Kirkley
  • 4,138
  • 5
  • 31
  • 33
54
votes
1 answer

while importing a certificate with keytool , Why to use trustcacerts option

keytool -import -trustcacerts I am confused with this trustcacerts option of keytool. When I googled on this, I found these points: Depending on the situation you may not require the -trustcacerts option. Try the operation without it if you…
Pawan
  • 31,545
  • 102
  • 256
  • 434
50
votes
8 answers

How to generate 11 char hash key for Sms Retriever with Google App signing

I had generated the 11 char hash using the AppSignatureHelper class. But after uploading the apk to play store, they hash doesn't work anymore. And I found out that Play replaces the key with another one which is why the hash gets changed as well.…
Farhan Farooqui
  • 918
  • 1
  • 9
  • 17
49
votes
4 answers

Tomcat Server/Client Self-Signed SSL Certificate

I have an Apache Tomcat 6.x server running with a self-signed SSL certificate. I want the client to present their own certificate to the server so I can authenticate them based on a database of users. I have it all working based on an example I…
davidemm
  • 2,001
  • 1
  • 23
  • 31
47
votes
8 answers

Keytool is not recognized as an internal or external command

I am trying to discover the list of trusted authorities in my Java Runtime using the instructions in this article. When I typed the command below: C:\ColdFusion8\runtime\jre\lib>keytool -list -storepass changeit -noprompt -keystore I got the…
Jack
  • 989
  • 3
  • 13
  • 24
44
votes
9 answers

Key hash for Facebook Android SDK

I can't figure out how to get the Key Hash required to use the Facebook Android SDK. I figured out that I can use keytool with these commands: keytool -exportcert -alias [alias] -keystore [keystore] | openssl sha1 -binary | openssl enc -a -e The…
Anders
  • 633
  • 2
  • 11
  • 21
1
2
3
88 89