java:keytool:list-certificates-from-jks
This is an old revision of the document!
Table of Contents
Create keystore jks file
In keystore we want to import the certificate chain and the private key.
We can't do this directly in keytool.
A PKCS12 file should be created which then will be imported in keystore.
Create PKCS12 file
Concatenate (manually) all intermediary CA certificates into a single file: all_cert.crt. Then run the above command. The snt.key is the private key of the certificate (the last one in the chain). Enter a password for the p12 file.
openssl pkcs12 -export -in snt_full.crt -inkey snt.key -name snt -out snt.p12
List JKS entries (certificates)
keytool.exe -list -rfc -keystore keystore.jks | openssl x509 -text
Output:
Enter keystore password: test*
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20 (0x14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = FR, O = Test, CN = Test CA
Validity
Not Before: Oct 22 14:36:00 2017 GMT
Not After : Aug 9 13:17:00 2019 GMT
Subject: C = FR, O = Test, CN = Test
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:18:c9:2a:f8:01:a3:86:e6:32:63
...............
java/keytool/list-certificates-from-jks.1596904627.txt.gz · Last modified: 2023/07/04 19:36 (external edit)