Java KeyStore: Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 01:26, 5 July 2016 edit Lesita Corporation (talk \| contribs) 6 edits Add some information about key management tools. Tags: large plot addition Visual edit ← Previous edit		Latest revision as of 21:30, 19 February 2024 edit undo Phil herbs (talk \| contribs) Extended confirmed users 1,699 edits Adding short description: "Software development tool for security" Tag: Shortdesc helper
(21 intermediate revisions by 15 users not shown)
Line 1: {{Short description\|Software development tool for security}} ~~==== Summary ====~~ A '''Java KeyStore''' ('''JKS''') is a [[content repository\|repository]] of security certificates{{spaced ndash}} either [[authorization certificate]]s or [[public key certificate]]s{{spaced ndash}} plus corresponding [[Private key\|private keys]], used for instance in [[Transport Layer Security\|~~SSL~~TLS encryption]]. In [[IBM WebSphere Application Server]] and [[Oracle WebLogic Server]], a file with extension ''jks'' serves as a keystore. The [[Java Development Kit]] maintains a [[certificate authority\|CA]] keystore file named ''cacerts'' in folder ''jre/lib/security~~/cacerts~~''. JDKs provide a tool named ''keytool''<ref>[~~http~~https://docs.oracle.com/en/java/javase/617/docs/~~technotes~~specs/~~tools/solaris~~man/keytool.html The ''keytool'' Command - ~~Key~~a key and ~~Certificate~~certificate management ~~Management~~utility ~~Tool~~]</ref> to manipulate the keystore. ''keytool'' has no functionality to extract the private key out of the keystore, but this is possible with third-party tools like jksExportKey,~~<ref>[http://miteff.com/jksexportkey jksExportKey - A free tool for exporting private keys out of the keystore as standalone files]</ref>~~ CERTivity,<ref>[http://www.edulib.com/products/keystores-manager/ CERTivity - A multi-platform visual tool for managing keystores]</ref> Portecle<ref>[http://portecle.sourceforge.net Portecle - Portecle is an open-source GUI application for creating, managing and examining keystores.]</ref> and KeyStore Explorer.<ref>[http://keystore-explorer.~~sourceforge.net~~org KeyStore Explorer - An open source GUI replacement for the Java command-line utilities keytool, jarsigner and jadtool.]</ref> ~~==== Utilities ====~~ ~~====== ---Keytool ======~~ Keytool is used to manage private keystore (Such as JKS) and it's linking of an X.509 key string(to verify a public key that is corresponding with a private key.).And it can also be used to manage the other trusting figures. ~~===== ---JarSigner =====~~ The JarSigner Utility uses the information of the Keystore(e.g:JKS) to generate or verify the .JAR application's digital signatures.When it is about to run a file that is from an unknown source(Such as Internet or someone's U-Disk),the tool first use the digital signatures exists in the .JAR file to verify if the digital signature is correct,then it verify the source is trusted or untrusted.So don't import any root certificates that are unknown to you! ~~==== Concept about Certificates. ====~~ Certificate is a statement that is from a figure(such as a person or a company).If a file(such as a software or a mount of data)has been signed,anyone who has a public key can check if the data is currupted or has been modified. ==See also== [http://baike.baidu.com/view/1855087.htm]Keytool on Baidu Baike [[Java Secure Socket Extension]] [[Keyring (cryptography)]] [[Public- key infrastructure]] ==References== {{Reflist}} ==External links== * [https://docs.oracle.com/javase/8/docs/api/java/security/KeyStore.html Javadoc for KeyStore] [[Category:Public-key cryptography]] [[Category:Java development tools]] {{Computer-security-stub}}