How to use the keytool command in Linux

Home > Search > Linux commands > How-to
  by

The keytool command can be used to perform a variety of tasks, such as viewing, importing, exporting, and deleting certificates in a keystore. The keytool command is included with Java, thus you will need to install Java to use the keytool command.


View certificates

The -list and -v (verbose) options can be used to view certificates in a keystore.

keytool -list -v -keystore "/path/to/keystore.file"

 

The number of entries in the keystore will be displayed.

Your keystore contains 2 entries

 

The prior command will display every certificate in the keystore. The -alias option can be used to display a specific certificate.

keytool -list -v -keystore "/path/to/keystore.file" -alias alias_name

 

If the keystore file is password protected, the -storepass option can be used to provide the password. Often, even if a keystore is secured with a password, no password may be needed to view the contents of the keystore.

keytool -list -v -keystore "/path/to/keystore.file" -storepass the_keystore_password

 


Import a certificate

Use the import option to import a certificate into the keystore. Some aliases have spaces, so it is usually a good pratice to place double quotes around the alias name.

keytool -import –trustcacerts -file "/path/to/certificate.pem" -alias "alias name" -keystore "/path/to/keystore"

 


Export a certificate

The export option can be used to export a certificate from a keystore. Some aliases have spaces, so it is usually a good pratice to place double quotes around the alias name.

keytool -export -alias "alias name" -file example.crt -keystore "/path/to/keystore"

 


Delete a certificate

The delete option can be used to delete a certificate from a keystore.

keytool -delete -keystore "/path/to/keystore.file" -alias alias_name

 


PKCS12 / P12

The -storetype option can be used for .p12 files.

keytool -list -v -keystore "/path/to/keystore.file" -storetype PKCS12

 



Add a Comment




We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.




Please enter in the box below so that we can be sure you are a human.




Comments