aspose file tools*
The moose likes Java in General and the fly likes keytool and self signing certificate Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Java in General
Bookmark "keytool and self signing certificate" Watch "keytool and self signing certificate" New topic
Author

keytool and self signing certificate

Sagar Kar
Greenhorn

Joined: Sep 03, 2004
Posts: 25
I found the following information from the sun site http://java.sun.com/j2se/1.3/docs/tooldocs/win32/keytool.html#genkeyCmd

Since I am a java guy I am also posting this query in the java forum.

When we use the -genkey argument the keytool "generates a key pair (a public key and associated private key). Wraps the public key into an X.509 v1 self-signed certificate, which is stored as a single-element certificate chain".

When we use the -selfcert argument the keytool "generates an X.509 v1 self-signed certificate, using keystore information including the private key and public key associated with alias".

If -genkey generates a self signed certificate what does -selfcert do?
I can't understand what actually happens between -genkey and -selfcert.
What does self sign mean in both the case?


Warm regards,<br />Sagar Kar.<br />SCJP 1.4, SCBCD 1.3
Joe Ess
Bartender

Joined: Oct 29, 2001
Posts: 8924
    
    9

-genkey generates a private and public key in addition to creating a cert. -selfcert creates a cert using a specified key.
A self-signed certificate means that the certificate chain does not lead to a Certification Authority (CA) who validates you are who you say you are. A user who encounters a self-signed cert in an applet or web server will be notified that the certificate is questionable.
Have a look on the page you linked, the section marked "Certificate Chains" for more.


"blabbing like a narcissistic fool with a superiority complex" ~ N.A.
[How To Ask Questions On JavaRanch]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: keytool and self signing certificate