A Java KeyStore (JKS) is a repository of security certificates. A KeyStore can contains private key certificates, public key certificates and symmetric keys. This is typically a file, but the storage can also be handled in different ways. 

Simply we can consider a KeyStore as  key/value pair storage such as database table. Key is alias and value is the certificate.  Alias name is used to identify a given certificate in the KeyStore uniquely. 

There are two main types of certificate entries

1. Private key certificate entry (PrivateKeyEntry)
2. Trusted certificate entry (trustedCertEntry)

Private key entry of KeyStore represents the public certificate chain details which is related to a private key.   Trust certificate entry represents a given public certificate.
Lets list KeyStore from keytool command and see 

>keytool -list -keystore service.jks

You can see alias name and the certificate metadata

If you need to list the certificate with more details,  you can use command with -v option.

>keytool -list -v -keystore service.jks

You can even list only the certificate entry which is given by alias name. 

As an example;  if we list the private key certificate entry,  it would list the corresponding public certificate chain 

>keytool -list -v -keystore service.jks -alias service

If trusted certificate is listed

>keytool -list -v -keystore service.jks -alias client

Thanks for reading..!!!
Newer Post
This is the last post.

Post a Comment

Dear readers, after reading the Content please ask for advice and to provide constructive feedback Please Write Relevant Comment with Polite Language.Your comments inspired me to continue blogging. Your opinion much more valuable to me. Thank you.