Java keytool quick notes

I have been playing with SSL connections between a Java application and a server lately and understanding the keytool command has helped troubleshooting. So here are my quick notes:

To list the content of a keystore you simply use this command:

keytool -v -list -keystore keystoreFileName

It is useful to remember that the default keystore is in the $JAVA_HOME/ jre/lib/security/cacerts file and that the default password for it is “changeit”.

I also used the printcert command to list the content of some certificate:

keytool -printcert -v -file entrust.cer

Published by


Java developper that loves photography and an excellent espresso

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s