Java Tools Tutorials - Herong's Tutorial Notes - Version 5.32, by Dr. Herong Yang
Cloning Certificates with New Identities
This section provides a tutorial example on how to clone a certificates stored in a 'keystore' file using 'keytool'.
In the third example, I want to create a new key entry with the same key pair of an existing key entry, but change the identity information:
C:\herong>keytool -keyclone -alias my_home -dest my_copy -keypass My1stKey -new My2ndKey -keystore herong.jks -storepass HerongJKS C:\herong>keytool -selfcert -alias my_copy -keypass My2ndKey -dname "cn=Herong Yang, ou=My Unit 2, o=My Organization 2, c=US" -keystore herong.jks -storepass HerongJKS C:\herong>keytool -export -alias my_copy -file my_copy.crt -keystore herong.jks -storepass HerongJKS Certificate stored in file <my_copy.crt> C:\herong>keytool -printcert -file my_copy.crt Owner: CN=Herong Yang, OU=My Unit 2, O=My Organization 2, C=US Issuer: CN=Herong Yang, OU=My Unit 2, O=My Organization 2, C=US Serial number: 40798b4f Valid from: Sat Jun 1 14:15:43 EDT 2012 until: Sat Aug 31 14:15:43... Certificate fingerprints: MD5: 4A:E4:D9:BC:E9:8C:50:27:6C:00:59:76:D1:14:05:79 SHA1: FA:F5:30:78:22:3B:52:28:0D:41:24:0B:CA:CC:6F:D4:0E:...
Last update: 2015.
Table of Contents
'javac' - The Java Program Compiler
'java' - The Java Program Launcher
'jconsole' - Java Monitoring and Management Console
'jstat' - JVM Statistics Monitoring Tool
jvisualvm (Java VisualVM) - JVM Visual Tool
'javap' - The Java Class File Disassembler
►'keytool' - Public Key Certificate Tool
Certificates and Certificate Chains
'keystore' - Public Key Certificate Storage File
JDK 1.5 'keytool' - keystore File Management Commands
JDK 1.6 'keytool' - keystore File Management Commands
Generating Key Pairs and Self-Signed Certificates
Exporting and Import Certificates
►Cloning Certificates with New Identities