
Sunday, March 4, 2012

Commands for the Java key store (keytool) and a tutorial for accessing a key store from code



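  • Command for creating the key store (if -keypass and -storepass are left out, keytool prompts for them; passwords typed on the command line end up in shell history and are visible in the process list)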
    • $JAVA_HOME/bin/keytool -genkeypair -alias test -keystore testStore.jks -dname "cn=test" -keypass testpass -storepass testpass -keyalg rsa -validity 9999
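  • Command for self-signing the certificate (-genkeypair above already stores the key with a self-signed certificate, so this step only replaces that certificate)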
    • $JAVA_HOME/bin/keytool -selfcert -alias test -keystore testStore.jks -keypass testpass -storepass testpass -validity 9999
  • Command for exporting the certificate (this writes only the public certificate, not the private key)
    • $JAVA_HOME/bin/keytool -export -keystore testStore.jks -alias test -storepass testpass -file testpub.cer
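  • Command for importing the certificate (-storepass must be the password of the target key store; the store created above uses testpass. Check the certificate's fingerprint before accepting it as trusted)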
    • $JAVA_HOME/bin/keytool -import -alias pubcer -file testpub.cer -keystore testStore.jks -storepass storepass
  • Command for checking a stand-alone certificate file
    • $JAVA_HOME/bin/keytool -printcert -v -file test.crt
  • Command for listing the certificates in the key store
    • $JAVA_HOME/bin/keytool -list -v -keystore testStore.jks
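  • Command for deleting a certificate from the key store (in the store created above, alias test is the key-pair entry, so deleting it also removes the private key)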
    • keytool -delete -alias test -keystore testStore.jks
  • Command for changing the password of the key store
    • keytool -storepasswd -new newpassword -keystore testStore.jks
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
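/**
 * Tutorial class showing how to load a Java key store from disk, add a trusted
 * certificate entry, delete an entry and write the store back.
 *
 * <p>The {@code null} locals in each method are placeholders that the reader must
 * replace before running the class; every method fails with an
 * {@link IllegalStateException} naming the placeholder that is still unset.
 *
 * <p>Do not hard-code the key store password in source control. Obtain it at run
 * time (for example from a console prompt) and keep the key store file readable
 * only by the account that needs it.
 */
public class KeystoreOperation {

    /**
     * Runs the three demonstrated operations in order: load, add, delete.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        KeystoreOperation keyStoreOpr = new KeystoreOperation();
        // "keyStorePath" is a placeholder; the loaded store is not used further here.
        keyStoreOpr.getKeyStore("keyStorePath");
        keyStoreOpr.addCertificate();
        keyStoreOpr.deleteCertificate();
    }

    /**
     * Loads the key store stored at {@code keyStorePath}.
     *
     * <p>The store is opened with the JVM's default key store type
     * ({@link KeyStore#getDefaultType()}), so the file must be in a format that
     * type can read.
     *
     * @param keyStorePath location of the key store file
     * @return the loaded key store
     * @throws IllegalStateException if the path or the password placeholder is unset
     * @throws RuntimeException if the file cannot be read or the store cannot be loaded
     */
    private KeyStore getKeyStore(String keyStorePath) {
        String keyStorePassword = null; // provide key store password
        requireConfigured(keyStorePath, "keyStorePath");
        requireConfigured(keyStorePassword, "keyStorePassword");

        // try-with-resources closes the stream even when opening or loading fails,
        // without a close() on a null reference hiding the original exception.
        try (FileInputStream fis = new FileInputStream(new File(keyStorePath))) {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            // load() uses the password to verify the integrity of the store data;
            // a wrong password is reported as an IOException.
            keyStore.load(fis, keyStorePassword.toCharArray());
            return keyStore;
        } catch (IOException | GeneralSecurityException e) {
            throw new RuntimeException(e.getMessage(), e);
        }
    }

    /**
     * Parses an X.509 certificate and stores it in the key store as a trusted
     * certificate entry under the configured alias, then saves the store.
     *
     * <p>An entry added this way is trusted by whatever consumes the store, so
     * confirm the certificate's fingerprint through a separate channel before
     * adding it. An existing trusted certificate entry with the same alias is
     * replaced.
     *
     * @throws IllegalStateException if a placeholder is unset
     * @throws RuntimeException if the certificate cannot be parsed or stored
     */
    private void addCertificate() {
        byte[] cert = null; // provide the encoded certificate bytes (not a path), e.g. the contents of the .cer file
        String alias = null; // provide certificate alias name
        String keyStorePassword = null; // provide key store password
        String keyStorePath = null; // location of key store
        requireConfigured(cert, "cert");
        requireConfigured(alias, "alias");
        requireConfigured(keyStorePassword, "keyStorePassword");

        try (ByteArrayInputStream bais = new ByteArrayInputStream(cert)) {
            KeyStore keyStore = getKeyStore(keyStorePath);
            Certificate certificate =
                    CertificateFactory.getInstance("X.509").generateCertificate(bais);
            keyStore.setCertificateEntry(alias, certificate);
            saveKeyStore(keyStore, keyStorePassword);
        } catch (IOException | GeneralSecurityException e) {
            throw new RuntimeException(e.getMessage(), e);
        }
    }

    /**
     * Removes the entry stored under the configured alias and saves the store.
     *
     * <p>If the alias names a key entry, its private key is removed with it.
     *
     * @throws IllegalStateException if a placeholder is unset
     * @throws RuntimeException if the entry cannot be removed or the store cannot be saved
     */
    private void deleteCertificate() {
        String alias = null; // provide certificate alias name
        String keyStorePassword = null; // provide key store password
        String keyStorePath = null; // location of key store
        requireConfigured(alias, "alias");
        requireConfigured(keyStorePassword, "keyStorePassword");

        try {
            KeyStore keyStore = getKeyStore(keyStorePath);
            keyStore.deleteEntry(alias);
            saveKeyStore(keyStore, keyStorePassword);
        } catch (GeneralSecurityException e) {
            throw new RuntimeException(e.getMessage(), e);
        }
    }

    /**
     * Writes the key store to its file, protected with the given password.
     *
     * <p>The store is serialized in memory first and the file is opened only
     * afterwards, so a failure inside {@link KeyStore#store} cannot leave an
     * empty or truncated key store file behind.
     *
     * @param keyStore the key store to persist
     * @param keyStorePassword password used to protect the stored data
     * @throws IllegalStateException if the path placeholder or the password is unset
     * @throws RuntimeException if the store cannot be serialized or written
     */
    private void saveKeyStore(KeyStore keyStore, String keyStorePassword) {
        String keyStorePath = null; // location of key store
        requireConfigured(keyStorePath, "keyStorePath");
        requireConfigured(keyStorePassword, "keyStorePassword");

        try {
            ByteArrayOutputStream buffer = new ByteArrayOutputStream();
            keyStore.store(buffer, keyStorePassword.toCharArray());
            try (FileOutputStream fos = new FileOutputStream(new File(keyStorePath))) {
                buffer.writeTo(fos);
                fos.flush();
            }
        } catch (IOException | GeneralSecurityException e) {
            throw new RuntimeException(e.getMessage(), e);
        }
    }

    /** Fails fast, naming the placeholder, when a tutorial value was left as {@code null}. */
    private static void requireConfigured(Object value, String name) {
        if (value == null) {
            throw new IllegalStateException(name + " has not been provided");
        }
    }
}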