Solved

keytool command

Posted on 2014-04-13
3
289 Views
Last Modified: 2014-04-14
I am confused about the keytool and certs in general

What part of this command (which parameter) actually performs a 'self-sign'.

What part of the command (which parm) makes it a private key.  Why is this a private key

keytool -genkey -alias First_Java_Cert -keyalg RSA -keystore /home/ssl/keystore.jks -storepass passw0rd
-dname "CN=first, O=IBM, C=GB" -keypass passw0rd
0
Comment
Question by:Anthony Lucia
  • 2
3 Comments
 
LVL 33

Accepted Solution

by:
Dave Howe earned 500 total points
ID: 39997768
the "genkey" for the standard java keytool generates both a keypair and a self-signed certificate.
0
 

Author Comment

by:Anthony Lucia
ID: 39997782
You said the genkey created

- self signed

- Key pair

I assume by keypair you mean that it created a public and private key

So does that mean that both a public and private key are contained within the cert that was created ?
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 39998461
No. The private key never leaves the jar file, the public key is contained in the cert.

This is exactly the same system as you use for https certificates, just the java way to create and store them.
0

Featured Post

Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

Join & Write a Comment

Healthcare organizations in the United States must adhere to the guidance of both the HIPAA (Health Insurance Portability and Accountability Act) and HITECH (Health Information Technology for Economic and Clinical Health Act) for securing and protec…
Never store passwords in plain text or just their hash: it seems a no-brainier, but there are still plenty of people doing that. I present the why and how on this subject, offering my own real life solution that you can implement right away, bringin…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now