🖥️keytool

➡️This is a command-line reference manual for commands and command combinations that you don’t use often enough to remember it. This cheatsheet explains the keytool command with important options and switches using examples.

▁ ▂ ▃ ▄ ꧁ 🔴☠ COMMANDLINE-KUNGFU WITH CHEATSHEETS ☠🔴꧂▅ ▃ ▂ ▁

#  ██╗  ██╗███████╗██╗   ██╗████████╗ ██████╗  ██████╗ ██╗     
#  ██║ ██╔╝██╔════╝╚██╗ ██╔╝╚══██╔══╝██╔═══██╗██╔═══██╗██║     
#  █████╔╝ █████╗   ╚████╔╝    ██║   ██║   ██║██║   ██║██║     
#  ██╔═██╗ ██╔══╝    ╚██╔╝     ██║   ██║   ██║██║   ██║██║     
#  ██║  ██╗███████╗   ██║      ██║   ╚██████╔╝╚██████╔╝███████╗
#  ╚═╝  ╚═╝╚══════╝   ╚═╝      ╚═╝    ╚═════╝  ╚═════╝ ╚══════╝

keytool -list -providerpath bcprov-jdk15on-1.60.jar -provider org.bouncycastle.jce.provider.BouncyCastleProvider -storetype BCPKCS12 -storepass <passphrase> -keystore <filename>
# keytool view all entries in a keystore with BouncyCastle as security provider This command lists the fingerprints of all of the certificates in the keystore, using BouncyCastle as security provider. Show Sample Output:
        # $> keytool -list \
            # -providerpath bcprov-jdk15on-1.60.jar \
            # -provider org.bouncycastle.jce.provider.BouncyCastleProvider \
            # -storetype BCPKCS12 \
            # -storepass <passphrase> \
            # -keystore keystore <enter>
        # Keystore type: BCPKCS12
        # Keystore provider: BC

        # Your keystore contains 2 entries

        # encipher, Feb 20, 2019, trustedCertEntry,
        # Certificate fingerprint (SHA1): XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX
        # signer, Feb 20, 2019, trustedCertEntry,
        # Certificate fingerprint (SHA1): XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX

keytool -importkeystore -providerpath bcprov.jar -provider BouncyCastleProvider -srckeystore <filename.pfx> -srcstoretype pkcs12 -srcalias <src-alias> -destkeystore <filename.ks> -deststoretype BCPKCS12 -destails <dest-alias>
# keytool using BouncyCastle as security provider to add a PKCS12 certificate store This command imports the keystore file cert.pfx into the keystore file, using BouncyCastle as security provider. It was validated using - OpenJDK Runtime Environment (Zulu 8.36.0.1-CA-linux64) - Java(TM) SE Runtime Environment (build 1.8.0_192-ea-b04) - OpenJDK Runtime Environment (build 9.0.4+11) - OpenJDK Runtime Environment 18.9 (build 11.0.2+9) Show Sample Output:
        # keytool -importkeystore \
            # -providerpath bcprov-jdk15on-1.60.jar \
            # -provider org.bouncycastle.jce.provider.BouncyCastleProvider \
            # -srckeystore cert.pfx \
            # -srcstoretype pkcs12 \
            # -srcalias 1 \
            # -destkeystore keystore \
            # -deststoretype BCPKCS12 \
            # -destalias 'mycert'
        # Importing keystore cert.pfx to keystore...

keytool -importcert -providerpath bcprov-jdk15on-1.60.jar -provider org.bouncycastle.jce.provider.BouncyCastleProvider -storetype BCPKCS12 -trustcacerts -alias <alias> -file <filename.cer> -keystore <filename>
# keytool using BouncyCastle as security provider to add a X509 certificate This command imports the certificate file cert.pfx into the keystore file, using BouncyCastle as security provider. It was validated using - OpenJDK Runtime Environment (Zulu 8.36.0.1-CA-linux64) - Java(TM) SE Runtime Environment (build 1.8.0_192-ea-b04) - OpenJDK Runtime Environment (build 9.0.4+11) - OpenJDK Runtime Environment 18.9 (build 11.0.2+9) Show Sample Output:
░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░

  █║▌│║█║▌★ KALI ★ PARROT ★ DEBIAN 🔴 PENTESTING ★ HACKING ★ █║▌│║█║▌

              ██╗ ██╗ ██████╗  ██████╗ ██╗  ██╗███████╗██████╗
             ████████╗██╔══██╗██╔═══██╗╚██╗██╔╝██╔════╝██╔══██╗
             ╚██╔═██╔╝██║  ██║██║   ██║ ╚███╔╝ █████╗  ██║  ██║
             ████████╗██║  ██║██║   ██║ ██╔██╗ ██╔══╝  ██║  ██║
             ╚██╔═██╔╝██████╔╝╚██████╔╝██╔╝ ██╗███████╗██████╔╝
              ╚═╝ ╚═╝ ╚═════╝  ╚═════╝ ╚═╝  ╚═╝╚══════╝╚═════╝

               █║▌│║█║▌ WITH COMMANDLINE-KUNGFU POWER █║▌│║█║▌

░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░