轉載：Keytool 工具介紹

1.產生一個keystore:

keytool -genkey -alias myssl -keyalg RSA -keystore myssl.jks

運行這個命令,系統提示:

Enter keystore password:(輸入keystore密碼:) 
yourpassword(輸入密碼)

What is your first and last name?(您的名字與姓氏是什麼？) 
[Unknown]: www.myssl.cn(輸入申請的證書的域名)

What is the name of your organizational unit? (您的組織單位名稱是什麼？) 
[Unknown]:Fastcom(輸入你所在組織單位的名字)

What is the name of your organization? (您的組織名稱是什麼？) 
[Unknown]:Fastcom (輸入你所在組織的名字)

What is the name of your City or Locality?(您所在的城市或區域名稱是什麼？) 
[Unknown]:Shanghai(輸入所在城市的名字)

What is the name of your State or Province? (您所在的州或省份名稱是什麼？) 
[Unknown]:Shanghai(輸入所在省份名字)

What is the two-letter country code for this unit?(該單位的兩字母國家代碼是什麼？) 
[Unknown]:CN(輸入國家名字,若是是中國，請輸入CN)

Is CN=www.myssl.cn, OU=fastcom, O=fastcom, L=Shanghai, ST=Shanghai, C=CN correct? [no]:
yes

2.檢查一個keystore:

keytool -list -v -keystore myssl.jks

Enter keystore password:yourpassword(輸入密碼)

將顯示keystore內容以下:

Keystore type: jks 
Keystore provider: SUN 
Your keystore contains 1 entry 
Alias name: myssl 
Creation date: Nov 24 , 2006 
Entry type: keyEntry 
Certificate chain length: 1 
Certificate[1]: 
Owner: CN=www.myssl.cn, OU=fatcom, O=fastcom, L=Shanghai, ST=Shanghai, C=CN 
Issuer: CN=www.myssl.cn, OU=fastcom, O=fastcom, L=Shanghai, ST=Shanghai, C=CN 
Serial number: 3c22adc1 
Valid from: Thu Nov 24 19:34:25 PST 2006 until: Thu Nov 24 19:34:25 PST 2007 
Certificate fingerprints: 
MD5: F1:5B:9B:A1:F7:16:CF:25:CF:F4:FF:35:3F:4C:9C:F0 
SHA1: B2:00:50:DD:B6:CC:35:66:21:45:0F:96:AA:AF:6A:3D:E4:03:7C:74

3.輸出keystore到一個文件:testkey:

keytool -export -alias myssl -keystore myssl.jks -rfc -file testkey

系統輸出:

Enter keystore password:your password(輸入密碼)

Certificate stored in file

4.輸入證書到一個現有的keystore:

keytool -import -alias myssl -file testkey.cer -keystore myssl.jks 

Enter keystore password:your new password.(輸入truststore新密碼)

5.檢查truststore:

keytool -list -v -keystore truststore

系統將顯示truststore的信息.