Certificates and Certificate Chains

This section describes what is public key certificates and certificate chains.

Certificate: A digitally signed statement from the issuer saying that the public key of the subject has some specific value.

The above definition is copied from the JDK documentation. It has a couple of important terms:

X.509 Certificate - A certificate written in X.509 standard format. X.509 standard was introduction in 1988. It requires a certificate to have the following information:

How can you get a certificate for your own public key?

Certificate Chain: A series of certificates that one certificate signs the public key of the issuer of the next certificate. Usually the top certificate (the first certificate) is self-signed, where issuer signed its own public key.

Last update: 2015.

Table of Contents

 About This Book

 Java Tools Terminology

 Installing Java 8 on Windows

 'javac' - The Java Program Compiler

 'java' - The Java Program Launcher

 'jdb' - The Java Debugger

 'jconsole' - Java Monitoring and Management Console

 'jstat' - JVM Statistics Monitoring Tool

 JVM Troubleshooting Tools

 jvisualvm (Java VisualVM) - JVM Visual Tool

 'jar' - The JAR File Tool

 'javap' - The Java Class File Disassembler

'keytool' - Public Key Certificate Tool

Certificates and Certificate Chains

 'keystore' - Public Key Certificate Storage File

 JDK 1.5 'keytool' - keystore File Management Commands

 JDK 1.6 'keytool' - keystore File Management Commands

 Generating Key Pairs and Self-Signed Certificates

 Exporting and Import Certificates

 Cloning Certificates with New Identities

 'native2ascii' - Native-to-ASCII Encoding Converter

 Outdated Tutorials


 PDF Printing Version