FreeKB (2024)

Java - List the certificates in a keystore or truststore using the Java keytool command

FreeKB (1)

If you are not familiar with the Java keytool command, check out our Getting Started article.

TheJava keytool command with the-listoptioncan be used to view certificates in a Java keystore or truststore file.

AVOID TROUBLE

See Also
Support

If the keystore or truststore type is PKCS12, the-storetype pkcs12option must be used.

If the Java keystore or truststore is password protected, you will be prompted for the password.

~]$ keytool -keystore /path/to/keystore.p12 -storetype pkcs12 -listEnter keystore password:

Or, the-storepassoption can be used to provide the password on the command line.

  • PrivateKeyEntrycontains a private key and typically the public certificates that make up the certificate chain (the root certificate authority (CA) certificate, the intermediate certificate authority (CA) certifiate, and the server certificate).
  • trustedCertEntrytypically contains only the root certificate authority (CA) certificate but may contain thepublic certificates that make up the certificate chain (the root certificate authority (CA) certificate, the intermediate certificate authority (CA) certifiate, and the server certificate). A trustedCertEntry does not contain a private key.
~]# keytool -keystore /path/to/keystore.p12 -storetype pkcs12 -list -storepass itsasecretKeystore type: pkcs12Keystore provider: SUNYour keystore contains 3 entriesDigiCert, Aug 21, 2023, trustedCertEntry, Certificate fingerprint (SHA1): 1E:0C:EB:DC:CA:E3:DC:16:76:77:EE:BE:91:9B:43:3D:9D:10:15:8EGoDaddy, Oct 14, 2023, trustedCertEntry, Certificate fingerprint (SHA1): 8A:7B:10:43:A1:BE:78:D0:CF:12:9F:02:8C:99:F2:3D:1A:69:81:1Dexample.com, May 12, 2023, PrivateKeyEntry,Certificate fingerprint (SHA1): D0:80:B9:77:80:F9:DA:FF:77:54:4F:36:B1:A8:03:6F:25:EE:1C:72

The -v (verbose) optioncan be used to display the full details of each trustedCertEntry andPrivateKeyEntry in the keystore.

keytool -keystore /path/to/keystore.p12 -storetype pkcs12 -list -v

Or, the-aliasoption can be used to display the full details of a specifictrustedCertEntry andPrivateKeyEntry in the keystore.

~]# keytool -keystore /path/to/keystore.p12 -storetype pkcs12 -list -v -alias example.comKeystore type: PKCS12Keystore provider: SUNYour keystore contains 1 entryAlias name: example.comCreation date: Feb 10, 2023Entry type: PrivateKeyEntryCertificate chain length: 3Certificate[1]:Owner: CN=www.example.com, OU=Information Technology, O=Acme, L=Appleton, ST=WI, C=USIssuer: CN=IntermediateCA, DC=example, DC=comSerial number: 3a000001d8af30a16a44402b790001000001d8Valid from: Wed Jun 29 14:30:15 UTC 2022 until: Thu Jun 29 14:30:15 UTC 2023Certificate fingerprints: SHA1: D0:80:B9:77:80:F9:DA:FF:77:54:4F:36:B1:A8:03:6F:25:EE:1C:72 SHA256: 14:8C:CD:59:A9:C4:48:45:33:28:C3:AE:E7:6C:B6:1E:0A:F5:3B:9C:64:E5:BB:02:69:30:81:D9:6D:5F:06:ADSignature algorithm name: SHA256withRSASubject Public Key Algorithm: 2048-bit RSA keyVersion: 3

The-rfcflag can be used to return the encoded certificate data.

keytool -keystore /path/to/keystore.p12 -storetype pkcs12 -list -rfc

Did you find this article helpful?

If so, consider buying me a coffee over at FreeKB (2)


FreeKB (2024)
Top Articles
Inflation Rate between 1981-2019 | Canada Inflation Calculator
The History Behind Kraft Heinz Co.
Custom Screensaver On The Non-touch Kindle 4
Wordscapes Level 6030
T Mobile Rival Crossword Clue
Boomerang Media Group: Quality Media Solutions
Recent Obituaries Patriot Ledger
GAY (and stinky) DOGS [scat] by Entomb
Goteach11
Tight Tiny Teen Scouts 5
Thayer Rasmussen Cause Of Death
Summer Rae Boyfriend Love Island – Just Speak News
Hoe kom ik bij mijn medische gegevens van de huisarts? - HKN Huisartsen
Midlife Crisis F95Zone
Gemita Alvarez Desnuda
Ally Joann
Breckie Hill Mega Link
Clare Briggs Guzman
The Old Way Showtimes Near Regency Theatres Granada Hills
Lisas Stamp Studio
Reborn Rich Kissasian
Air Quality Index Endicott Ny
6 Most Trusted Pheromone perfumes of 2024 for Winning Over Women
Hctc Speed Test
Netwerk van %naam%, analyse van %nb_relaties% relaties
Apparent assassination attempt | Suspect never had Trump in sight, did not get off shot: Officials
Dtm Urban Dictionary
Ou Football Brainiacs
Federal Express Drop Off Center Near Me
Downloahub
Little Caesars Saul Kleinfeld
Word Trip Level 359
Xfinity Outage Map Lacey Wa
Aladtec Login Denver Health
Desirulez.tv
Exploring TrippleThePotatoes: A Popular Game - Unblocked Hub
Indiana Wesleyan Transcripts
Personalised Handmade 50th, 60th, 70th, 80th Birthday Card, Sister, Mum, Friend | eBay
Bay Focus
The Transformation Of Vanessa Ray From Childhood To Blue Bloods - Looper
Spectrum Outage in Genoa City, Wisconsin
Sdn Fertitta 2024
Gregory (Five Nights at Freddy's)
Alpha Labs Male Enhancement – Complete Reviews And Guide
Martha's Vineyard – Travel guide at Wikivoyage
Darkglass Electronics The Exponent 500 Test
Gabrielle Abbate Obituary
Menu Forest Lake – The Grillium Restaurant
Ronnie Mcnu*t Uncensored
Used Auto Parts in Houston 77013 | LKQ Pick Your Part
Latest Posts
Spreadsheets Overview
I uninstalled a game and can't remember the name. How can I get it back?
Article information

Author: Van Hayes

Last Updated:

Views: 5955

Rating: 4.6 / 5 (66 voted)

Reviews: 81% of readers found this page helpful

Author information

Name: Van Hayes

Birthday: 1994-06-07

Address: 2004 Kling Rapid, New Destiny, MT 64658-2367

Phone: +512425013758

Job: National Farming Director

Hobby: Reading, Polo, Genealogy, amateur radio, Scouting, Stand-up comedy, Cryptography

Introduction: My name is Van Hayes, I am a thankful, friendly, smiling, calm, powerful, fine, enthusiastic person who loves writing and wants to share my knowledge and understanding with you.