I am adding a cert to the Java keystore and I get the following warning. The command is successful.
keytool -import -trustcacerts -keystore /usr/lib/jvm/java-11-openjdk-amd64/lib/security/cacerts -storepass changeit -noprompt -alias my_root_ca.pem -file /usr/share/ca-certificates/foo/my_root_ca.pem
The warning is:
Warning: use -cacerts option to access cacerts keystore
How do I get rid of this warning?
Thanks
It's quite easy. If you check keytool manual you can see the following:
$ keytool -importcert -help
keytool -importcert [OPTION]...
Imports a certificate or a certificate chain
Options:
... removed for clearity
-cacerts access the cacerts keystore
To get rid of that warning you must use -cacerts option instead of calling cacert keystore:
keytool -import -trustcacerts -cacerts -storepass changeit -noprompt -alias my_root_ca.pem -file /usr/share/ca-certificates/foo/my_root_ca.pem
Related
I try to get SHA1 to use for Firebase but I can't get SHA1
In JavaVirtualMachines I using jdk1.8.0_202.jdk
I tried get in gradle -> Task -> Android -> signingReport
=> Error: Missing keystore
I tried get on command line ->
keytool -exportcert -alias androiddebugkey -keystore
~/.android/debug.keystore -list -v
keytool -list -v -keystore /Users/bobhope/.android/debug.keystore -alias androiddebugkey -storepass android -keypass android
=> Error:
keytool error: java.lang.Exception: Keystore file does not exist: /Users/bobhope/.android/debug.keystore
java.lang.Exception: Keystore file does not exist: /Users/bobhope/.android/debug.keystore
at sun.security.tools.keytool.Main.doCommands(Main.java:786)
at sun.security.tools.keytool.Main.run(Main.java:382)
at sun.security.tools.keytool.Main.main(Main.java:375)
Use complete path
Mac:
keytool -list -v -keystore /Users/username/.android/debug.keystore
-alias androiddebugkey -storepass android -keypass android
Linux:
keytool -list -v -keystore /home/username/.android/debug.keystore
-alias androiddebugkey -storepass android -keypass android
Windows:
keytool -list -v -keystore C:\Users\username\.android\debug.keystore
-alias androiddebugkey -storepass android -keypass android
you missed the path in your command
keytool -list -v -alias androiddebugkey -keystore%USERPROFILE%\.android\debug.keystore
after the keystore you should add the path like C:\Users\Username\Downloads
Try these steps:
Clean and rebuild your application.
Open the Gradle tab and go to app -> Tasks -> android
Double click on signingReport.
You will get the required signing report below in the run tab.
I am trying to enable SSL in my application for which i have to update the PFX cert in CACERTS. Below are the steps I did but I am getting below error
when trying to import the PFX in CACERTS.
"keytool error: java.lang.Exception: Input not an X.509 certificate"
Create a jks file and generate a CSR from that JKS
keytool -genkeypair -alias abc03.dc.abc.com -keyalg RSA -keystore /opt/logo/certificates/abc03.dc.abc.com.jks -keysize 2048 -dname "CN=abc03.dc.abc.com,O=DT,L=xxx,ST=xxx,C=xxx" -ext san=dns:abc03.dc.abc.com
keytool -certreq -alias abc03.dc.abc.com -keystore /opt/logo/certificates/abc03.dc.abc.com.jks -file /opt/logo/certificates/abc03.dc.abc.com.csr -ext san=dns:abc03.dc.abc.com -ext EKU=serverAuth,clientAuth
Get it signed by CA
Import the root , Intermediate & server cert into the jks that i created
keytool -import -keystore abc03.dc.abc.com.jks -alias root -file root.cer
keytool -import -keystore abc03.dc.abc.com.jks -alias intermediate -file intermediate.cer
keytool -import -keystore abc03.dc.abc.com.jks -alias mykey -file abc03.dc.abc.com.cer
convert the JKS to PKCS12
keytool -importkeystore -srckeystore abc03.dc.abc.com.jks -destkeystore abc03.dc.abc.com.p12 -srcstoretype JKS -deststoretype PKCS12 -deststorepass password
Importing the PKCS12 into CACERTS (this is where i get the error)
keytool -importkeystore -deststorepass MY-KEYSTORE-PASS -destkeystore cacerts -srckeystore abc03.dc.abc.com.p12 -srcstoretype PKCS12
keytool -importkeystore -deststorepass MY-KEYSTORE-PASS -destkeystore cacerts -srckeystore abc03.dc.abc.com.p12 -srcstoretype PKCS12
Can you advise me on how to fix this or is there another way of doing it. Thanks for your help :)
There are two tools that might help:
http://portecle.sourceforge.net/
https://keystore-explorer.org/index.html
Book-Pro:main vy$ keytool -exportcert -list -v \
> -alias androiddebugkey -keystore ~/.android/debug.keystore
keytool error: java.lang.Exception: Only one command is allowed: both
-exportcert and -list were specified.
I am trying to create a SHA1 on MBP for an android Firebase project.
I pull the command from the Firebase console as described...
https://developers.google.com/android/guides/client-auth
keytool -exportcert -list -v \
-alias androiddebugkey -keystore ~/.android/debug.keystore
and I get an error.
keytool error: java.lang.Exception: Only one command is allowed: both
-exportcert and -list were specified.
I have tried hand typing this thinking that perhaps there is a problem with the browser. I installed new JDK... not sure what is going wrong here. assistance please
I sort of fixed it... but Id still like comments.
For Linux / UNIX:
keytool -list -v -alias androiddebugkey -keystore ~/.android/debug.keystore
For Windows:
keytool -list -v -alias androiddebugkey -keystore %USERPROFILE%/.android/debug.keystore
observe I removed the -exportcert part and I did get a sha1 back
for release key this one solved my problem
keytool -list -v -keystore C:\Users\MG\Desktop\test.jks -alias test
For the following command worked.
keytool -keystore C:\Users\hp\.android\debug.keystore -list -v
I am trying to generate a keystore. I have set a password for the keystore but I am trying to not set a password for the key.
keytool -storepass "$password" -keystore ${PFX_broker}server.keystore.jks -alias $brokerCertAlias -validity $validity -genkey -dname "CN=$CN" -noprompt;
The above command will prompt me for a key password which defaults to the store pass when I press enter.
Is it possible to skip setting a password for the key altogether and not have a prompt?
There are parameters to specify key and store passwords
-keypass <your-pass> and -storepass <your-pass>
E.g.
keytool -storepass pass123 -keypass pass123 -keystore keystore.jks -alias myalias -validity 99 -genkey -noprompt
keytool reference
I know this is an old question but I'm facing the same issue and adding -keypass password and because I have a store source too, I'm adding -srcstorepass password for me works. Try this:
keytool -storepass "$password" -keystore ${PFX_broker}server.keystore.jks -alias $brokerCertAlias -validity $validity -genkey -dname "CN=$CN" -noprompt -keypass "$password" -srcstorepass "$password"
But might be different in your case.
It seems keytool always requires a password for both the store and the key. There is no way around it.
I enter the following in the command prompt:
keytool -list -alias androiddebugkey \
-keystore keytool -list -alias androiddebugkey \
-keystore C:\Users\kmmr12.android\debug.keystore \
-storepass android -keypass android \
-storepass android -keypass android
when I press enter I get:
-keystore is not recognized as an internal or external command, operable program or batch file.
Why is that?
Well, you can find an answer, for instance here.
As far as I can tell you're using the right tool but you're adding backslashes ( \ ) which might be causing your trouble.
Try writing the command without the backslashes (for instance
keytool -list -alias androiddebugkey -keystore keytool -list -alias androiddebugkey -keystore C:\Users\kmmr12.android\debug.keystore -storepass android -keypass android -storepass android -keypass android
)
Ok, I believe you are using windows and that's why you get the message.
You should first go find your keytool (usually located at C:\Program Files (x86)\Java\jre7\bin)
Then add it to your windows path by going to System>Advanced System Settings>Environmental Variables. When you go there find the Path from the system variable lists, double click on it, add a ';' to the end of it and paste the location of your keytool folder.
Now you should be able to use the command keytool in windows!