Requesting a Signed Certificate from a Certification Authority example using keytool in Java

By: Ivan Lim Viewed: 192 times  Printer Friendly Format    


A certificate is more likely to be trusted by others if it is signed by a Certification Authority (CA). To get such a signature, you first generate a Certificate Signing Request (CSR), via the following:

    keytool -certreq -file MarkJ.csr

This creates a CSR (for the entity identified by the default alias "mykey") and puts the request in the file named "MarkJ.csr". Submit this file to a CA, such as VeriSign, Inc. The CA will authenticate you, the requestor (usually off-line), and then will return a certificate, signed by them, authenticating your public key. (In some cases, they will actually return a chain of certificates, each one authenticating the public key of the signer of the previous certificate in the chain.)



Most Viewed Articles (in Java )

Latest Articles (in Java)

Comment on this tutorial