OpenSSL command to extract SSL host certificate
openssl s_client -servername <<servername>> -connect <<servername>>:<<portnumber>>
Java Keytool Commands for Creating and Importing
- Generate a Java keystore and key pairkeytool -genkey -alias mydomain -keyalg RSA -keystore keystorename.jks -keysize 2048
- Generate a certificate signing request for an existing Java keystorekeytool -certreq -alias domainname -keystore keystore.jks -file domainname.csr
- Import a root or intermediate CA certificate to an existing Java keystorekeytool -import -trustcacerts -alias root -file serverchain1.crt -keystore keystore.jks
- Import a signed primary certificate to an existing Java keystorekeytool -import -trustcacerts -alias mydomainname -file mydomainname.crt -keystore keystore.jks
- keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass password -validity 360 -keysize 2048
Java Keytool Commands for Checking
- Check a stand-alone certificatekeytool -printcert -v -file mydomain.crt
- Check which certificates are in a Java keystorekeytool -list -v -keystore keystore.jks
- Check a particular keystore entry using an aliaskeytool -list -v -keystore keystore.jks -alias mydomain
- Delete a certificate from a Java Keytool keystorekeytool -delete -alias mydomain -keystore keystore.jks
- Change a Java keystore passwordkeytool -storepasswd -new new_storepass -keystore keystore.jks
- Export a certificate from a keystorekeytool -export -alias mydomain -file mydomain.crt -keystore keystore.jks
- List Trusted CA Certskeytool -list -v -keystore $JAVA_HOME/jre/lib/security/cacerts
- Import New CA into Trusted Certskeytool -import -trustcacerts -file /path/to/ca/ca.pem -alias CA_ALIAS -keystore $JAVA_HOME/jre/lib/security/cacerts
No comments:
Post a Comment