2.2.12 keytool

usage: keytool generate [-k, --keystore <keystore>] [-o, --overwrite] [--enable-tls <http/rcp>] [--password <password>] | 
enable-tls <http/rcp> [-k, --keystore] [-a, --alias <alias>] [--password <password>] | disable-tls <http/rcp>

This command is used to generate a Java keystore or to enable/disable the network security over HTTP and RCP. For more information regarding the network security feature, see 4. Network Security.

You can use the following subcommands with keytool:

  • generate
  • enable-tls
  • disable-tls

generate

Use keytool generate to create or update a self-signed Java keystore.

Option    Description

[-k, --keystore <keystore>]

States the directory and keystore filename in which the keystore will be stored.

If this option is not used, the command will save the keystore file to the default location: MZ_HOME/keys/keystore_generated.key

[-o, --overwrite]

Use this option to overwrite any existing keystore.

[--enable-tls <http/rcp>]

Enables network security over HTTP or RCP after the keystore is successfully generated.

If neither http nor rcp is specified in the option, the command will enable the network security on both HTTP and RCP.

[--password <password>]

Use this option to include the password for the keystore. The user will be prompted for the password if this option is not used.

enable-tls <http/rcp>

Use keytool enable-tls to enable the network security over HTTP or RCP.

If neither http nor rcp is specified in the option, the command will enable the network security on both HTTP and RCP.

Option    Description

[-k, --keystore <keystore>]

Use this option to validate the staged changes without performing the activation.

If this option is not used, the command will save the keystore file to the default location: MZ_HOME/keys/keystore_generated.key

[-a, --alias <alias>]

Compare the provided hash value with the actual hash that represents the current state of active registry. The activation fails if the values are not equal. For further information, see hash below.

[--password <password>]

Use this option to include the password for the keystore. The user will be prompted for the password if this option is not used.

disable-tls <http/rcp>

Use keytool disable-tls to disable the network security over HTTP or RCP.

If neither http nor rcp is specified in the option, the command will disable the network security on both HTTP and RCP.


Return Codes
Listed below are the different return codes for the keytool command:

Code    Description

0

Will be returned if the command is successful.

1

Will be returned if a syntax error has occurred.

11

Will be returned if keystore already exists.

12

Will be returned if keystore does not exist.
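
An operator-side wrapper for the subcommands and return codes above, added here as an example and not part of the product documentation: it generates a keystore without --overwrite, falls back to enable-tls when the keystore already exists, and otherwise hands back keytool's return code. The helper name ensure_tls, the KEYTOOL variable, and the assumption that code 11 comes from generate are not from the original page.

```shell
#!/bin/sh
# Added example, not from the product documentation.
# Assumption: KEYTOOL is however this keytool command is started on your system.
KEYTOOL="${KEYTOOL:-keytool}"

# ensure_tls <http|rcp> [keystore-path]   (hypothetical helper name)
# Returns 0 once TLS is enabled, otherwise the keytool return code.
ensure_tls() {
    proto="$1"
    keystore="${2:-}"
    case "$proto" in
        http|rcp) ;;
        *) echo "ensure_tls: protocol must be http or rcp" >&2; return 1 ;;
    esac

    # Reuse the positional parameters to hold the optional -k argument.
    set --
    if [ -n "$keystore" ]; then set -- -k "$keystore"; fi

    # No -o: an existing keystore is never replaced.
    # No --password: keytool prompts, so the secret stays out of the
    # process list and shell history.
    rc=0
    $KEYTOOL generate "$@" --enable-tls "$proto" || rc=$?

    # Assumption: generate reports 11 when the keystore is already there.
    # Keep that keystore and enable TLS with it.
    if [ "$rc" -eq 11 ]; then
        rc=0
        $KEYTOOL enable-tls "$proto" "$@" || rc=$?
    fi

    case "$rc" in
        0)  return 0 ;;
        1)  echo "keytool: syntax error" >&2 ;;
        12) echo "keytool: keystore does not exist" >&2 ;;
        *)  echo "keytool: unexpected return code $rc" >&2 ;;
    esac
    return "$rc"
}
```

Because the wrapper relies on the password prompt, run it from an interactive session.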