The Java keytool allows your to generate certs that you can use with applications such as Tomcat. The below tutorial will show you how to generate a self signed cert that you can use with your applications.
It starts from the very beginning and shows you how to install Java, set up a key store and generate your jks cert.
- Download Windows x64 it version of java.
- Once it had downloaded, install it.
Add Java to the Path
- Let’s add the Java bin folder to the path so we can run the keytool from anywhere
- It is most likely available from; C:\Program Files\Java\jdk1.8.0_161\bin
- First click on the start menu, search for my computer right click on This PC and click properties
- Click advanced system settings and then environment variables
Click path and then edit.
Ensure there is a ; before you paste in the bin path for Java.
Paste the path in and click ok
Click ok and ok again.
Generating the Certificate and keystore
- We will now generate our keystore and cert. open a command prompt as an admin and run the following command.
- keytool -genkey -alias darren -keyalg RSA -keystore “C:\local.keystore”
- You will then be asked a series of questions
- enter Keystore password:
- retype keystore:
- what is your first and last name: (enter your domain name)
- what is the name of your organisation unit:
- what is the name of your organisation:
- what is the name of your state or province:
- What is the two-letter country code for this unit:
- Enter values relevant to you
- In our case the output looks like this:
- We can confirm that there is a certificate we can use by checking the keystore.
- cd back to the c drive
- run the command cd c:\
- next run dir.
- you should now see
- You can now run:
- keytool -v -list -keystore local.keystore
- to view the self-signed certificate in the keystore
A full video tutorial can be found here: