java:keytool:list-certificates-from-jks
This is an old revision of the document!
Table of Contents
Create keystore jks file
In keystore we want to import the certificate chain and the private key.
We can't do this directly in keytool.
A PKCS12 file should be created which then will be imported in keystore.
Create PKCS12 file
Concatenate (manually) all intermediary CA certificates into a single file: all_cert.crt. Then run the above command. The snt.key is the private key of the certificate (the last one in the chain). Enter a password for the p12 file.
openssl pkcs12 -export -in snt_full.crt -inkey snt.key -name snt -out snt.p12
List JKS entries (certificates)
keytool.exe -list -rfc -keystore keystore.jks | openssl x509 -text
Output:
Enter keystore password: test* Certificate: Data: Version: 3 (0x2) Serial Number: 20 (0x14) Signature Algorithm: sha256WithRSAEncryption Issuer: C = FR, O = Test, CN = Test CA Validity Not Before: Oct 22 14:36:00 2017 GMT Not After : Aug 9 13:17:00 2019 GMT Subject: C = FR, O = Test, CN = Test Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:18:c9:2a:f8:01:a3:86:e6:32:63 ...............
java/keytool/list-certificates-from-jks.1596904627.txt.gz · Last modified: 2023/07/04 19:36 (external edit)