Wikipedia

Java KeyStore: Difference between revisions

Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
No edit summary
Add some information about key management tools.
Tags: large plot addition Visual edit
Line 1:
==== Summary ====
A '''Java KeyStore''' ('''JKS''') is a repository of security certificates{{spaced ndash}} either [[authorization certificate]]s or [[public key certificate]]s{{spaced ndash}} used for instance in [[Transport Layer Security|SSL encryption]].
 
Line 4 ⟶ 5:
 
The [[Java Development Kit]] maintains a [[certificate authority|CA]] keystore in folder jre/lib/security/cacerts. JDKs provide a tool named ''keytool''<ref>[http://docs.oracle.com/javase/6/docs/technotes/tools/solaris/keytool.html keytool - Key and Certificate Management Tool]</ref> to manipulate the keystore. ''keytool'' has no functionality to extract the private key out of the keystore, but this is possible with third-party tools like jksExportKey,<ref>[http://miteff.com/jksexportkey jksExportKey - A free tool for exporting private keys out of the keystore as standalone files]</ref> CERTivity,<ref>[http://www.edulib.com/products/keystores-manager/ CERTivity - A multi-platform visual tool for managing keystores]</ref> Portecle<ref>[http://portecle.sourceforge.net Portecle - Portecle is an open-source GUI application for creating, managing and examining keystores.]</ref> and KeyStore Explorer.<ref>[http://keystore-explorer.sourceforge.net KeyStore Explorer - An open source GUI replacement for the Java command-line utilities keytool, jarsigner and jadtool.]</ref>
 
==== Utilities ====
 
====== ---Keytool ======
Keytool is used to manage private keystore (Such as JKS) and it's linking of an X.509 key string(to verify a public key that is corresponding with a private key.).And it can also be used to manage the other trusting figures.
 
===== ---JarSigner =====
The JarSigner Utility uses the information of the Keystore(e.g:JKS) to generate or verify the .JAR application's digital signatures.When it is about to run a file that is from an unknown source(Such as Internet or someone's U-Disk),the tool first use the digital signatures exists in the .JAR file to verify if the digital signature is correct,then it verify the source is trusted or untrusted.So don't import any root certificates that are unknown to you!
 
==== Concept about Certificates. ====
Certificate is a statement that is from a figure(such as a person or a company).If a file(such as a software or a mount of data)has been signed,anyone who has a public key can check if the data is currupted or has been modified.
 
==See also==
*[http://baike.baidu.com/view/1855087.htm]Keytool on Baidu Baike
*[[Java Secure Socket Extension]]
*[[Public-key infrastructure]]
Retrieved from "https://en.wikipedia.org/wiki/Java_KeyStore"