Tuesday 7 February 2023

Print detailed information of entries in a keystore

Using -v option, we can print detailed information of entries in a keystore.

 

Without -v

$keytool -list -keystore myKeystore.jks 
Enter keystore password:  
Keystore type: JKS
Keystore provider: SUN

Your keystore contains 2 entries

mykey, 7 Feb 2023, PrivateKeyEntry, 
Certificate fingerprint (SHA-256): 2D:78:CF:F5:62:E7:5D:7F:6B:36:4E:D8:63:55:72:1E:DB:C7:07:34:C9:76:7B:E5:A0:CF:E9:D6:20:3C:43:16
myserverkey, 7 Feb 2023, PrivateKeyEntry, 
Certificate fingerprint (SHA-256): 87:80:F2:94:89:5C:A7:7C:8A:DE:4E:DF:6D:C4:2C:1C:42:1B:45:0E:9A:6F:0B:3E:FC:3A:F5:3A:32:0A:1F:0F

Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore myKeystore.jks -destkeystore myKeystore.jks -deststoretype pkcs12".

 

With -v

$keytool -v -list -keystore myKeystore.jks 
Enter keystore password:  
Keystore type: JKS
Keystore provider: SUN

Your keystore contains 2 entries

Alias name: mykey
Creation date: 7 Feb 2023
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=krishna, OU=sample.com, O=self learning java, L=Bangalore, ST=Karnataka, C=IN
Issuer: CN=krishna, OU=sample.com, O=self learning java, L=Bangalore, ST=Karnataka, C=IN
Serial number: 15cbcdef
Valid from: Tue Feb 07 10:10:39 IST 2023 until: Mon May 08 10:10:39 IST 2023
Certificate fingerprints:
	 SHA1: 59:7D:45:F0:F7:1A:E7:D8:B5:EE:16:B4:44:64:17:F4:CC:41:B2:8D
	 SHA256: 2D:78:CF:F5:62:E7:5D:7F:6B:36:4E:D8:63:55:72:1E:DB:C7:07:34:C9:76:7B:E5:A0:CF:E9:D6:20:3C:43:16
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions: 

#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 7C F8 E5 84 F4 EF 92 84   56 96 6A 51 D1 66 7A 45  ........V.jQ.fzE
0010: 44 51 E6 7F                                        DQ..
]
]



*******************************************
*******************************************


Alias name: myserverkey
Creation date: 7 Feb 2023
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=demo.app.com
Issuer: CN=demo.app.com
Serial number: 2b72fbe1
Valid from: Tue Feb 07 10:33:19 IST 2023 until: Mon May 08 10:33:19 IST 2023
Certificate fingerprints:
	 SHA1: 91:AD:A2:3E:42:32:5A:3A:39:CE:4C:1F:25:EC:F8:D9:9F:92:C0:DB
	 SHA256: 87:80:F2:94:89:5C:A7:7C:8A:DE:4E:DF:6D:C4:2C:1C:42:1B:45:0E:9A:6F:0B:3E:FC:3A:F5:3A:32:0A:1F:0F
Signature algorithm name: SHA256withDSA
Subject Public Key Algorithm: 2048-bit DSA key
Version: 3

Extensions: 

#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 17 BE FD 60 AD CD 97 F2   43 BA 3B DA 66 05 66 10  ...`....C.;.f.f.
0010: E8 F2 3D 62                                        ..=b
]
]



*******************************************
*******************************************



Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore myKeystore.jks -destkeystore myKeystore.jks -deststoretype pkcs12".
$

 

 

 

 

Previous                                                 Next                                                 Home
Posted by at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)