Solved

keytool command

Posted on 2014-04-13
3
315 Views
Last Modified: 2014-04-14
I am confused about the keytool and certs in general

What part of this command (which parameter) actually performs a 'self-sign'.

What part of the command (which parm) makes it a private key.  Why is this a private key

keytool -genkey -alias First_Java_Cert -keyalg RSA -keystore /home/ssl/keystore.jks -storepass passw0rd
-dname "CN=first, O=IBM, C=GB" -keypass passw0rd
0
Comment
Question by:Anthony Lucia
  • 2
3 Comments
 
LVL 33

Accepted Solution

by:
Dave Howe earned 500 total points
ID: 39997768
the "genkey" for the standard java keytool generates both a keypair and a self-signed certificate.
0
 

Author Comment

by:Anthony Lucia
ID: 39997782
You said the genkey created

- self signed

- Key pair

I assume by keypair you mean that it created a public and private key

So does that mean that both a public and private key are contained within the cert that was created ?
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 39998461
No. The private key never leaves the jar file, the public key is contained in the cert.

This is exactly the same system as you use for https certificates, just the java way to create and store them.
0

Featured Post

Active Directory Webinar

We all know we need to protect and secure our privileges, but where to start? Join Experts Exchange and ManageEngine on Tuesday, April 11, 2017 10:00 AM PDT to learn how to track and secure privileged users in Active Directory.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In this increasingly digital world, security hacks are no longer just a threat, but a reality. As we've witnessed with Target's big identity hack 2013, Heartbleed in 2015, and now Cloudbleed, companies and their leaders need to prepare for the unthi…
As cyber crime continues to grow in both numbers and sophistication, a troubling trend of optimization has emerged over the last year.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question