?
Solved

keytool command

Posted on 2014-04-13
3
Medium Priority
?
361 Views
Last Modified: 2014-04-14
I am confused about the keytool and certs in general

What part of this command (which parameter) actually performs a 'self-sign'.

What part of the command (which parm) makes it a private key.  Why is this a private key

keytool -genkey -alias First_Java_Cert -keyalg RSA -keystore /home/ssl/keystore.jks -storepass passw0rd
-dname "CN=first, O=IBM, C=GB" -keypass passw0rd
0
Comment
Question by:Anthony Lucia
  • 2
3 Comments
 
LVL 33

Accepted Solution

by:
Dave Howe earned 2000 total points
ID: 39997768
the "genkey" for the standard java keytool generates both a keypair and a self-signed certificate.
0
 

Author Comment

by:Anthony Lucia
ID: 39997782
You said the genkey created

- self signed

- Key pair

I assume by keypair you mean that it created a public and private key

So does that mean that both a public and private key are contained within the cert that was created ?
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 39998461
No. The private key never leaves the jar file, the public key is contained in the cert.

This is exactly the same system as you use for https certificates, just the java way to create and store them.
0

Featured Post

Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like me and like multiple layers of protection, read on!
Your business may be under attack from a silent enemy that is hard to detect. It works stealthily in the shadows to access and exploit your critical business information, sensitive confidential data and intellectual property, for commercial gain. T…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

621 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question