diff options
Diffstat (limited to 'cheats/keytool.cheat')
| -rw-r--r-- | cheats/keytool.cheat | 58 |
1 files changed, 0 insertions, 58 deletions
diff --git a/cheats/keytool.cheat b/cheats/keytool.cheat deleted file mode 100644 index 7b067be..0000000 --- a/cheats/keytool.cheat +++ /dev/null @@ -1,58 +0,0 @@ -% java keytool, certificate, encryption - -## Creating -# Generate a Java keystore and key pair -keytool -genkey -alias <ALIAS> -keyalg RSA -keystore <OUTPUT_JKS> -keysize <RSA_LENGTH> - -# Generate a certificate signing request (CSR) for an existing Java keystore -keytool -certreq -alias <ALIAS> -keystore <INPUT_JKS> -file <OUTPUT_CSR> - -# Import a root or intermediate CA certificate to an existing Java keystore -keytool -import -trustcacerts -alias root -file <INPUT_CRT> -keystore <INPUT_JKS> - -# Import a signed primary certificate to an existing Java keystore -keytool -import -trustcacerts -alias <ALIAS> -file <INPUT_CRT> -keystore <INPUT_JKS> - -# Generate a keystore and self-signed certificate -keytool -genkey -keyalg RSA -alias <ALIAS> -keystore <OUTPUT_JKS> -storepass <PASSWORD> -validity <VALIDITY> -keysize <RSA_LENGTH> - - - -## Verifying -# Check a stand-alone certificate -keytool -printcert -v -file <INPUT_CRT> - -# Check which certificates are in a Java keystore -keytool -list -v -keystore <INPUT_JKS> - -# Check a particular keystore entry using an alias -keytool -list -v -keystore <INPUT_JKS> -alias <ALIAS> - - - -## Other -# Remove a certificate from a keystore -keytool -delete -alias <ALIAS> -keystore <INPUT_JKS> - -# Change the password of a keystore -keytool -storepasswd -keystore <INPUT_JKS> -new <NEW_PASSWORD> - -# Export a certificate from a keystore -keytool -export -alias <ALIAS> -file <OUTPUT_CRT> -keystore <INPUT_JKS> - -# List the trusted CA Certs from the default Java Trusted Certs Keystore -keytool -list -v -keystore $JAVA_HOME/jre/lib/security/cacerts - -# Import New Certificate Authority into the default Java Trusted Certs Keystore -keytool -import -trustcacerts -file <INPUT_PEM> -alias <ALIAS> -keystore $JAVA_HOME/jre/lib/security/cacerts - - - -# Sensible/common default alternatives -$ VALIDITY: printf "DAYS\tCOMMENT\n1\ta day\n30\ta month\n365\ta year\n730\ttwo years" --- --column 1 --headers 1 -$ RSA_LENGTH: printf "KEY LENGTH\tCOMMENT\n2048\t\tDefault\n4096\t\tBetter\n8192\t\tSlow?" --- --column 1 --headers 1 - -# Attempt to find files with the appropriate endings, default to everything. -$ INPUT_CRT: ls -a | grep -e "\(.crt\|.cer\|.der\)" || ls -a -$ INPUT_PEM: ls -a | grep -e "\(.pem\)" || ls -a -$ INPUT_JKS: ls -a | grep -e "\(.jks\)" || ls -a |