Exporting a Certificate Authenticating Your Public Key example using keytool in Java

By: Lakshmi Emailed: 1768 times Printed: 2515 times    

Latest comments
By: rohit kumar - how this program is work
By: Kirti - Hi..thx for the hadoop in
By: Spijker - I have altered the code a
By: ali mohammed - why we use the java in ne
By: ali mohammed - why we use the java in ne
By: mizhelle - when I exported the data
By: raul - no output as well, i'm ge
By: Rajesh - thanx very much...
By: Suindu De - Suppose we are executing

Suppose you have used the jarsigner tool to sign a Java ARchive (JAR) file. Clients that want to use the file will want to authenticate your signature.

One way they can do this is by first importing your public key certificate into their keystore as a "trusted" entry. You can export the certificate and supply it to your clients. As an example, you can copy your certificate to a file named MJ.cer via the following, assuming the entry is aliased by "mykey":

    keytool -exportcert -alias mykey -file MJ.cer

Given that certificate, and the signed JAR file, a client can use the jarsigner tool to authenticate your signature.

Changing Your Distinguished Name but Keeping your Key Pair

Suppose your distinguished name changes, for example because you have changed departments or moved to a different city. If desired, you may still use the public/private key pair you've previously used, and yet update your distinguished name. For example, suppose your name is Tuck Lee, and you created your initial key entry with the alias tLee and the distinguished name

  "cn=Tuck Lee, ou=Finance Department, o=BlueSoft, c=us"

Suppose you change from the Finance Department to the Accounting Department. You can still use the previously-generated public/private key pair and yet update your distinguished name by doing the following.

First, copy (clone) your key entry:

    keytool -keyclone -alias tLee -dest tLeeNew

(This prompts for the store password and for the initial and destination private key passwords, since they aren't provided at the command line.) Now you need to change the certificate chain associated with the copy, so that the first certificate in the chain uses your different distinguished name. Start by generating a self-signed certificate with the appropriate name:

    keytool -selfcert -alias tLeeNew
      -dname "cn=Tuck Lee, ou=Accounting Department, o=BlueSoft, c=us"

Then generate a Certificate Signing Request based on the information in this new certificate:

    keytool -certreq -alias tLeeNew

When you get the CA certificate reply, import it:

    keytool -import -alias tLeeNew -file VStLeeNew.cer

After importing the certificate reply, you may want to remove the initial key entry that used your old distinguished name:

    keytool -delete -alias tLee

Java Home | All Java Tutorials | Latest Java Tutorials

Sponsored Links

If this tutorial doesn't answer your question, or you have a specific question, just ask an expert here. Post your question to get a direct answer.

Bookmark and Share


Be the first one to add a comment

Your name (required):

Your email(required, will not be shown to the public):

Your sites URL (optional):

Your comments:

More Tutorials by Lakshmi
Exporting a Certificate Authenticating Your Public Key example using keytool in Java
while and do-while example in Java
Common SQL Commands
Data Access Technologies in Java
perror() Function - example program in C
Struts-GUI and Struts Console
Variable-length Argument Lists sample program in C
#if, #elif, #ifndef, #ifdef in C (Conditional Inclusion)
Use ImageButtonBean for Image based Form Submits in Struts
break and continue loops in C
Arguments - Call by Value in C
Using command-line arguments in C++
How to handle Exceptions in C++
Gauge sample program in J2ME
What is Reflection? - getConstructors(), getFields(), and getMethods()

More Tutorials in Java
Update contents of a file within a jar file
Tomcat and httpd configured in port 8080 and 80
Java File
Java String
Count number of vowels, consonants and digits in a String in Java
Reverse a number in Java
Student marks calculation program in Java
Handling Fractions in Java
Calculate gross salary in Java
Calculate average sale of the week in Java
Vector in Java - Sample Program
MultiLevel Inheritance sample in Java
Multiple Inheritance sample in Java
Java program using Method Overriding
Java program to check if user input is an even number

More Latest News
Most Viewed Articles (in Java )
InetAddress Example program in Java
Read from a COM port using Java program
Stack example in Java - push(), pop(), empty(), search()
Using StringTokenizer in Java
The Basic Structure of a Simple Java program
How to use ArrayList in Java
FileReader and FileWriter example program in Java
Transient vs Volatile modifiers in Java
Vector example in Java
Method Overriding in Java
Method Overloading (function overloading) in Java
instanceof sample program in Java
append() in Java
Student marks calculation program in Java
Reading from a file and writing to a file using Java program
Most Emailed Articles (in Java)
Text to Speech conversion program in Java
inheritance in Java
How to initialize an Array and how to copy the array
Using Charts in JasperReports
What is Unicode?
Operator Precedence in Java
Of Object, equals (), == and hashCode ()
DateFormat sample program in Java
A Simple whois program in Java
CharArrayReader example program in Java
ByteArrayOutputStream - sample program in Java
Vector example in Java
Arrays example in Java - asList(), binarySearch(), fill(), sort(), equals()
HashSet Sample program in Java
Disadvantages of using Native methods in Java