...
Next, use a command with the following template to create a keystore containing that contains a single basic self-signed certificate:
| Code Block | ||
|---|---|---|
| ||
keytool -genkey -keyalg RSA -alias workbench -keystore <path-to-keystore>
-storepass <store-password> -storetype PKCS12 -keysize 2048
-sigalg SHA256withRSA -dname "CN=<host url>"
-ext san=dns:<host url>
-validity <days-valid> |
Please Use the following table to replace the <placeholder-values> in this command based on the following descriptions:example command with values that are specific to your environment and policies.
Placeholder | Description | Example Value |
|---|---|---|
path-to-keystore | Full qualified path of the key store to be created |
|
store-password | Password required when reading or writing to the newly created key store | Choose a random password string. Note that the key stores supplied with Java have a default password of |
host-url | The domain name of the URL that will be used to access Workbench in your browser. This does not include the protocol or port numbers. For example, |
(no port number) |
days-valid | The number of days for which the key should remain valid | Note that the key stores supplied with Java have a default validity of 180 days. |
...
Note that with the exception of keytool -list the keytool command will not normally return a value to the console .to indicate it has executed successfully
Regenerating keys
If you want to regenerate your keystore certificate for any reason (i.e. it has expired) you can use the following command:
...