FreeKB - Java Keystore keytool list command (List certificates)
Java Keystore - keytool list command (List certificates)

If you are not familiar with the Java keytool command, check out our Getting Started article.

The -list option can be used to view certificates in a keystore file.

keytool -list -keystore "/path/to/keystore"


In this example, the keystore file contains two certificates. The certificate aliases are foo and bar.

Keystore type: jks
Keystore provider: SUN

Your keystore contains 2 entries

foo, Aug 21, 2019, trustedCertEntry, 
Certificate fingerprint (SHA1): 1E:0C:EB:DC:CA:E3:DC:16:76:77:EE:BE:91:9B:43:3D:9D:10:15:8E
bar, Oct 14, 2019, trustedCertEntry, 
Certificate fingerprint (SHA1): 8A:7B:10:43:A1:BE:78:D0:CF:12:9F:02:8C:99:F2:3D:1A:69:81:1D


The -v (verbose) option can be used to display the full details of each certificate.

keytool -list -v -keystore "/path/to/keystore"


The -alias option can be used to display a specific certificate.

keytool -list -v -keystore "/path/to/keystore" -alias alias_name


If the keystore file is password protected, the -storepass option can be used to provide the password. Often, even if a keystore is secured with a password, no password may be needed to view the contents of the keystore.

keytool -list -v -keystore "/path/to/keystore" -storepass the_keystore_password


The -rfc flag can be used to return the encoded certificate data.

keytool -list -keystore "/path/to/keystore" -rfc


Add a Comment

We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.

Please enter ae0d3 in the box below so that we can be sure you are a human.


Web design by yours truely - me, myself, and I   |   |