Generating a Keypair

The command also wraps the public key into an X.509 v1 self-signed certificate, which is stored as a single-element certificate chain. This certificate chain and the private key are stored in a new keystore entry identified by the alias bskey with password EAkey1, in the keystore c:\apps\bs.jks.

C:\Users\Administrator>keytool -genkeypair -dname "cn=Clint Hill, ou=Claims, o=EasyAs Insurance, l=Swindon, c=UK" -alias bskey -keypass EAkey1 -keystore c:\apps\bs.jks -storepass EAStore2 -validity 360 -keyalg "RSA"

The following command can be used to list the contents of the bskey entry.

C:\Users\Administrator>keytool -list -keystore c:\apps\bs.jks -alias bskey -v Enter keystore password: Alias name: bskey Creation date: 01-Sep-2010 Entry type: PrivateKeyEntry Certificate chain length: 1 Certificate[1]: Owner: CN=Clint Hill, OU=Claims, O=EasyAs Insurance, L=Swindon, C=UK Issuer: CN=Clint Hill, OU=Claims, O=EasyAs Insurance, L=Swindon, C=UK Serial number: 4c7e6e6b Valid from: Wed Sep 01 16:16:59 BST 2010 until: Sat Aug 27 16:16:59 BST 2011 Certificate fingerprints: MD5: FF:0B:67:D6:59:1A:87:38:BB:84:19:4A:C9:9E:C2:C3 SHA1: E3:92:E1:4F:8A:EA:6D:A7:90:2D:36:FC:40:90:48:EF:71:2B:BC:33 Signature algorithm name: SHA1withRSA Version: 3