A Java KeyStore (JKS) is a repository of security certificates. A KeyStore can contains private key certificates, public key certificates and symmetric keys. This is typically a file, but the storage can also be handled in different ways.
Simply we can consider a KeyStore as key/value pair storage such as database table. Key is alias and value is the certificate. Alias name is used to identify a given certificate in the KeyStore uniquely.
There are two main types of certificate entries
1. Private key certificate entry (PrivateKeyEntry)
2. Trusted certificate entry (trustedCertEntry)
Private key entry of KeyStore represents the public certificate chain details which is related to a private key. Trust certificate entry represents a given public certificate.
Lets list KeyStore from keytool command and see
>keytool -list -keystore service.jks
You can see alias name and the certificate metadata
If you need to list the certificate with more details, you can use command with -v option.
>keytool -list -v -keystore service.jks
You can even list only the certificate entry which is given by alias name.
As an example; if we list the private key certificate entry, it would list the corresponding public certificate chain
>keytool -list -v -keystore service.jks -alias service
If trusted certificate is listed
>keytool -list -v -keystore service.jks -alias client
Thanks for reading..!!!
Simply we can consider a KeyStore as key/value pair storage such as database table. Key is alias and value is the certificate. Alias name is used to identify a given certificate in the KeyStore uniquely.
There are two main types of certificate entries
1. Private key certificate entry (PrivateKeyEntry)
2. Trusted certificate entry (trustedCertEntry)
Private key entry of KeyStore represents the public certificate chain details which is related to a private key. Trust certificate entry represents a given public certificate.
Lets list KeyStore from keytool command and see
>keytool -list -keystore service.jks
You can see alias name and the certificate metadata
If you need to list the certificate with more details, you can use command with -v option.
>keytool -list -v -keystore service.jks
You can even list only the certificate entry which is given by alias name.
As an example; if we list the private key certificate entry, it would list the corresponding public certificate chain
>keytool -list -v -keystore service.jks -alias service
If trusted certificate is listed
>keytool -list -v -keystore service.jks -alias client
Thanks for reading..!!!
Post a Comment
0 comments
Dear readers, after reading the Content please ask for advice and to provide constructive feedback Please Write Relevant Comment with Polite Language.Your comments inspired me to continue blogging. Your opinion much more valuable to me. Thank you.