keytool

问题 I have a question about keytool.. I would to use this command: keytool -importkeystore -srckeystore foo.jks -destkeystore foo.p12 -srcstoretype jks -deststoretype pkcs12 Can I don't specify the srckeystore? I need this request because I don't know my keystore that I use.. :) I created the certificate in this way: keytool -genkey -alias myalias -keyalg RSA -keysize 2048 so, I don't have specified the keystore...In this way, Keytool which keystore will use? 回答1: If you use the keytool command

问题 I am having a web application on Apache Tomcat 7 and I have untrusted certificate on my web application. My web application has to communicate with another web application that is using https. However I always get this exception: Failed to make connection: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target I download

问题 I changed pass of my keystore: keytool -list -storetype JCEKS -keystore store.jceks -storepasswd -new secret here I have 3 entry passwd = new char[] { 's', 'e', 'c', 'r', 'e', 't' }; fis = new FileInputStream("myKeys.jceks"); ks.load(fis, passwd); KeyStore.SecretKeyEntry skEntry = (KeyStore.SecretKeyEntry) ks.getEntry(alias, new KeyStore.PasswordProtection( passwd)); here I got exception: java.security.UnrecoverableKeyException: Given final block not properly padded can you help me what is

问题 I am getting ERR_SSL_VERSION_OR_CIPHER_MISMATCH after using the certificate i obtained from GoDaddy. I converted the crt to jks and using it in tomcat. nmap --script ssl-enum-ciphers.nse -p443 site.com TLSv1.0: No supported ciphers found | TLSv1.1: No supported ciphers found |_ TLSv1.2: No supported ciphers found using tomcat7 回答1: It was a problem with the jks file. Since my requirement was to create a private key file to use in Node.js server and a tomcat keystore simultaneously. None of

问题 I am trying to generate a private/public key pair in X.509 format along with a self signed cert which I need to use for my SAML application. Here is what I have done: Generate Self Signed Cert and Private Key from here and save them in .pem format. Use the private key and generate a public key with the command openssl rsa -in key.pem -pubout -out pubkey.pem When I give these keys to my SAML application, it errors out on the public key generated on step 2 with the following message: java.io

问题 I am using jdk 1.6 in Windows. I have a .der file (DER Encoded X509 Certificate) that will like to add to my cacerts file... so I tried the following: keytool -import -keystore "C:\Program Files\Java\jdk1.6.0_27\jre\lib\security\cacerts" -trustcacerts -alias openldap -file "C:\cacert.der" I got the following error: java.security.cert.CertificateParsingException: java.io.IOException: subject key, java.security.spec.InvalidKeySpecException: Unknown key spec At first, I thoght it was a problemen

问题 I have a Java KeyStore with couple of entries sharing the same alias (duplicates). When I do a getEntry(...) or getCertificate(...) or getKey(...) , I always get the first entry in all the cases. How do I always get the ones that I want? I have tried exporting the first entry to an external file (using keytool ), and then deleting the first entry from the original KeyStore, and then importing back the exported entry with a different alias. This would work if the entry is a Trusted Certificate

问题 I've used phonegap Build to create my .apk file and i'm trying to sign it. I understand that I can do this with the following command: $ keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -validity 10000 But when I run this in terminal I get 'command not found' ? I'm running this on a mac so from what I've read I have the required JDK installed ( I have xcode ) I guess it might be that the PATH is not set correctly to keytool, but I'm unable to find any simple

问题 I am trying to understand SSL more in depth but I was confused yesterday when I saw that you could specify -keyalg RSA with keytool. What is the difference between -keyalg RSA in keytool and a cipher suite which specifies RSA e.g. ECDHE_RSA_WITH_AES_128_CBC_SHA256. Thanks. 回答1: 'keyalg' specifies the algorithm for a private/public key pair, used in association with X.509 certificates for authentication purposes including the authentication phase of SSL. Cipher suites specify symmetric keys,

问题 Hi I want to ask about my error when I import Certificate using keytool this the error: C:\Program Files (x86)\Java\jre6\lib\security\imig.cer -keystore C:\Program File s (x86)\Java\jre6\lib\security\cacerts -storepass changeit keytool error: java.lang.RuntimeException: Usage error, Files is not a legal command please help my error code in keytool.. Thanks before 回答1: The error says that it's trying to interpret Files as a command. That's because -keystore argument is truncated after space -