13 September 2014

Using Java Keytool to Manage SSL Certs

Set path to java bin folder

The full path is something like this:

C:\Program Files (x86)\Java\jdk1.6.0_24\bin

That is because you need to be able to access the keytool.exe in bin folder:


Run cmd as administrator

Make sure you run cmd as administrator or else you won't be able to modify the cacerts:

Run as administrator

Change directory to the cacerts directory

In the command prompt, cd to:

C:\Program Files (x86)\Java\jdk1.6.0_24\jre\lib\security

In the directory, you will see a file cacerts, the certs are all stored there.

Listing cacerts

In the command prompt, type:

keytool -list -keystore cacerts

When prompted for password, try changeit, if that doesn't work, try changeme.

You can also add alias to list a specific cert:

keytool -list -alias MyCert -keystore cacerts

Importing cert


keytool -import -alias MyCert -keystore cacerts -file C:\MyCert.cer

Same thing, it will prompt for password, after that it will confirm whether to add, just type yes and press enter.

Deleting cert


keytool -delete -alias MyCert -keystore cacerts

Type password to delete.

No comments: