Tuesday, 7 February 2023

How to check whether an alias exists in a keystore file or not?

Below command print the entry with given alias if exists, else throws an Exception.

keytool -list -keystore {my_key_store} -alias {my_alias}

 

All the entries in a keystore

$keytool -list -keystore myKeystore.jks 
Enter keystore password:  
Keystore type: JKS
Keystore provider: SUN

Your keystore contains 2 entries

mykey, 7 Feb 2023, PrivateKeyEntry, 
Certificate fingerprint (SHA-256): 2D:78:CF:F5:62:E7:5D:7F:6B:36:4E:D8:63:55:72:1E:DB:C7:07:34:C9:76:7B:E5:A0:CF:E9:D6:20:3C:43:16
myserverkey, 7 Feb 2023, PrivateKeyEntry, 
Certificate fingerprint (SHA-256): 87:80:F2:94:89:5C:A7:7C:8A:DE:4E:DF:6D:C4:2C:1C:42:1B:45:0E:9A:6F:0B:3E:FC:3A:F5:3A:32:0A:1F:0F

Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore myKeystore.jks -destkeystore myKeystore.jks -deststoretype pkcs12".

 

Output of the alias that already exists in a keystore

$keytool -list -keystore myKeystore.jks -alias myserverkey
Enter keystore password:  
myserverkey, 7 Feb 2023, PrivateKeyEntry, 
Certificate fingerprint (SHA-256): 87:80:F2:94:89:5C:A7:7C:8A:DE:4E:DF:6D:C4:2C:1C:42:1B:45:0E:9A:6F:0B:3E:FC:3A:F5:3A:32:0A:1F:0F

Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore myKeystore.jks -destkeystore myKeystore.jks -deststoretype pkcs12".

Output of the alias that does not exists in the keystore

$keytool -list -keystore myKeystore.jks -alias myserverkey123
Enter keystore password:  
keytool error: java.lang.Exception: Alias <myserverkey123> does not exist

 

 

 

Previous                                                 Next                                                 Home

No comments:

Post a Comment