Key and certificate management utility. Together with
jarsigner, replaces the JDK 1.1
javakey utility. Keys and
certificates are maintained in a keystore.
keytool manages the keystore,
and jarsigner uses the
information in it for signing
.jar files. If you need to work with
keys and keystores, read the keytool(1)
manpage carefully first!
The command-line arguments to keytool are subcommands, each of which begins with a hyphen. Each subcommand, in turn, accepts suboptions.
Whenever keytool accepts a password for an option, if a password is not provided on the command line, the program prompts for one. Such options should not be used in scripts or on the command line, since they allow passwords to be seen. Similarly, keytool does not turn off echoing when prompting for a password, so make sure no one else can see your screen when using such options! See also jarsigner.
Generate a Certificate Signing Request.
Delete the entry for the alias given with
-alias from the keystore. With no
-alias option, prompt for the alias
From the keystore, export the certificate belonging to
the user specified with
-alias, storing it
in the file specified with
Add a new public/private key pair to the keystore.
Print a command usage summary.
Import information from the JDK 1.1 style identity
database specified with
-file. If no such option ...