| Author |
keytool and self signing certificate
|
Sagar Kar
Greenhorn
Joined: Sep 03, 2004
Posts: 25
|
|
I found the following information from the sun site http://java.sun.com/j2se/1.3/docs/tooldocs/win32/keytool.html#genkeyCmd
Since I am a java guy I am also posting this query in the java forum.
When we use the -genkey argument the keytool "generates a key pair (a public key and associated private key). Wraps the public key into an X.509 v1 self-signed certificate, which is stored as a single-element certificate chain".
When we use the -selfcert argument the keytool "generates an X.509 v1 self-signed certificate, using keystore information including the private key and public key associated with alias".
If -genkey generates a self signed certificate what does -selfcert do?
I can't understand what actually happens between -genkey and -selfcert.
What does self sign mean in both the case?
|
Warm regards,<br />Sagar Kar.<br />SCJP 1.4, SCBCD 1.3
|
 |
Joe Ess
Bartender
Joined: Oct 29, 2001
Posts: 8291
|
|
-genkey generates a private and public key in addition to creating a cert. -selfcert creates a cert using a specified key.
A self-signed certificate means that the certificate chain does not lead to a Certification Authority (CA) who validates you are who you say you are. A user who encounters a self-signed cert in an applet or web server will be notified that the certificate is questionable.
Have a look on the page you linked, the section marked "Certificate Chains" for more.
|
"blabbing like a narcissistic fool with a superiority complex" ~ N.A.
[How To Ask Questions On JavaRanch]
|
|
 |
|
|
subject: keytool and self signing certificate
|
|
|
0
