May 2001
Intermediate to advanced
618 pages
20h 50m
English
Content preview from Java Security, 2nd EditionBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
The keytool
At an
administrative
level, keys are managed by keytool, a utility
supplied with the JRE. This tool allows you to create new keys,
import digital certificates, export existing keys, and generally
interact with the key management system.
The keytool has only a command-line interface;
in this section, we’ll look at the typical commands that add,
modify, list, and delete entries in the keystore. Along the way,
we’ll see how you can create your own keys and certificates and
how to get a valid certificate from an official certificate
authority. As we understand the operations provided by
keytool, we’ll be poised to understand the
underlying Java API that we’ll examine later in this chapter.
Global Options to keytool
Keytool implements a number of
global options -- options that are
available to most of its commands. We’ll list these as
appropriate for each command, but here’s an explanation of what
they do:
- -alias alias
Specify the alias the operation should apply to (e.g.,
-alias sdo). The default for this value is “mykey.”
- -dname distinguishedName
Specify the distinguished name. There is no default for this value, and if you do not specify it on the command line, you will be prompted to enter it when it is needed. Letting
keytoolprompt you is generally easier since the tool will prompt for the name one field at a time. Otherwise, you must enter the entire name in one quoted string, like this:-dname \ "CN=Scott Oaks, OU=JSD, O=Sun Microsystems, L=NY, S=NY, C=US"
- -keypass ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.