How i can ensure certificate(myAppCertificate.crt) i am importing to cacert already exists in cacert file or not?.

1
votes

How i can ensure certificate(myAppCertificate.crt) i am importing to cacert already exists in cacert file or not?. For information i am importing the certificate with

keytool -import -alias myAppca -file myAppCertificate.crt -keystore cacerts -v

For testing purpose i tried to add the already existing certficate again in cacert file, but it did not give me any exception/warning that certificate already exist. Is there a way i can confirm whether certificate alreay exist or not before actually importing this?

2
javasslhttpsssl-certificate

2 Answers

3
votes

If you use keytool -list -keystore cacerts, you'll get the list of all the certificates with their fingerprints. (If you use keytool from Java 6, you'll see MD5 fingerprints, if you use the version from Java 7, you'll get SHA-1 fingerprints, better.)

If you use keytool -printcert -file myAppCertificate.crt, you should see the certificate fingerprints (including MD5 and SHA-1).

If the value you get from that certificate is in the list, your certificate is already in the keystore.

(For more details on what fingerprints are, see this question.)

0
votes

you could use the keytool list option to view all the certs in a keystore: keytool -list -v -keystore keystorefile