Java Tools Tutorials - Herong's Tutorial Notes - Version 5.32, by Dr. Herong Yang
Certificates and Certificate Chains
This section describes what is public key certificates and certificate chains.
Certificate: A digitally signed statement from the issuer saying that the public key of the subject has some specific value.
The above definition is copied from the JDK documentation. It has a couple of important terms:
X.509 Certificate - A certificate written in X.509 standard format. X.509 standard was introduction in 1988. It requires a certificate to have the following information:
How can you get a certificate for your own public key?
Certificate Chain: A series of certificates that one certificate signs the public key of the issuer of the next certificate. Usually the top certificate (the first certificate) is self-signed, where issuer signed its own public key.
Last update: 2015.
Table of Contents
'javac' - The Java Program Compiler
'java' - The Java Program Launcher
'jconsole' - Java Monitoring and Management Console
'jstat' - JVM Statistics Monitoring Tool
jvisualvm (Java VisualVM) - JVM Visual Tool
'javap' - The Java Class File Disassembler
►'keytool' - Public Key Certificate Tool
►Certificates and Certificate Chains
'keystore' - Public Key Certificate Storage File
JDK 1.5 'keytool' - keystore File Management Commands
JDK 1.6 'keytool' - keystore File Management Commands
Generating Key Pairs and Self-Signed Certificates
Exporting and Import Certificates
Cloning Certificates with New Identities