In this post we will explore how to create self signed certificate using java keytool. For using this command we should have java installed in our system.
Command to generate certificate
keytool -genkeypair -alias tech_with_aman -keyalg RSA -keysize 2048 -storetype PKCS12 -validity 3650 -storepass welcome@123 -keystore myKey.p12
After running this command you will be asked following inputs. You can leave these blank or enter some value.
What is your first and last name? [Unknown]: What is the name of your organizational unit? [Unknown]: What is the name of your organization? [Unknown]: What is the name of your City or Locality? [Unknown]: What is the name of your State or Province? [Unknown]: What is the two-letter country code for this unit? [Unknown]: Is CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown correct? [no]: yes
Following command will generate keystore name myKey.p12
- -genkeypair : This argument commands keytool to create keypair
- -alias : As p12 keystore can contain multiple private keys. This argument provide alias to the key which will be used to reference this private key. Here we are using alias as tech_with_aman
- -keyalg : This provide algorithm to generate these keys. Here we are using RSA to generate these keys.
- -keysize : This provide size of key which is 2048.
- -storetype : There are various key store available. We are using PKCS12 here.
- -validity : Validity of this key. This is in days.
- -storepass : Password of this keystore.
- -keystore : Name of the final key file where this data will be saved.
After using this command we will get myKey.p12 file which will contain a private key with alias tech_with_aman. Password of this keystore is welcome@123 . PKCS12 keystore format do not support separate password for private key.