Is there a way to make keytool not prompt for password for the key?

3

13

I am trying to generate a keystore. I have set a password for the keystore but I am trying to not set a password for the key.

keytool -storepass "$password" -keystore ${PFX_broker}server.keystore.jks -alias $brokerCertAlias -validity $validity -genkey -dname "CN=$CN" -noprompt;

The above command will prompt me for a key password which defaults to the store pass when I press enter.

Is it possible to skip setting a password for the key altogether and not have a prompt?

Dampen answered 18/1, 2018 at 19:0 Comment(1)
For most keystores, you must have a password to protect (wrap) the key, but you can skip the prompt by specifying it on the command line with -keypass like you did the store password. Both of these have the 'feature' that other users/processes on your system can see your password(s) with ps or similar or /proc//cmd. - Lipography
12

There are parameters to specify the key and store passwords:

-keypass <your-pass> and -storepass <your-pass>

E.g.

keytool -storepass pass123 -keypass pass123 -keystore keystore.jks -alias myalias -validity 99 -genkey -noprompt

keytool reference

Boron answered 5/5, 2019 at 13:41 Comment(0)
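
The exposure through ps that the comment on the question points out can be avoided with keytool's :env and :file password modifiers, which keep the password out of the argument list. This is an added example, not part of the original answers; gen_keystore, KS_PASS and KS_PASS_FILE are hypothetical names chosen for illustration.

```sh
#!/bin/sh
# Added example: generate a key pair without prompts and without placing the
# password on keytool's command line. All names here are placeholders.
#
# Usage: gen_keystore KEYSTORE ALIAS CN VALIDITY_DAYS
#   e.g. gen_keystore server.keystore.jks broker broker.example.test 365
# The password comes from the file named by $KS_PASS_FILE if that is set
# (keep the file readable by its owner only), otherwise from $KS_PASS.
gen_keystore() {
    local ks name cn days
    ks=$1; name=$2; cn=$3; days=$4

    if [ -n "${KS_PASS_FILE:-}" ]; then
        [ -r "$KS_PASS_FILE" ] || { echo "cannot read $KS_PASS_FILE" >&2; return 1; }
        # :file tells keytool to read the password from the named file.
        set -- -storepass:file "$KS_PASS_FILE" -keypass:file "$KS_PASS_FILE"
    elif [ -n "${KS_PASS:-}" ]; then
        # :env tells keytool to read the password from the named environment
        # variable, so only the variable's name appears in the arguments.
        export KS_PASS
        set -- -storepass:env KS_PASS -keypass:env KS_PASS
    else
        echo "set KS_PASS or KS_PASS_FILE" >&2
        return 1
    fi

    # -genkeypair is the current name of -genkey. The key password is set to
    # the same value as the store password, which is what pressing Enter at
    # the prompt would have done.
    keytool -genkeypair -noprompt \
        -keystore "$ks" -alias "$name" -dname "CN=$cn" \
        -validity "$days" -keyalg RSA -keysize 2048 "$@"
}
```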
10

I know this is an old question, but I'm facing the same issue, and adding -keypass password and, because I have a store source too, -srcstorepass password works for me. Try this:

keytool -storepass "$password" -keystore ${PFX_broker}server.keystore.jks -alias $brokerCertAlias -validity $validity -genkey -dname "CN=$CN" -noprompt -keypass "$password" -srcstorepass "$password"

But it might be different in your case.

Derwent answered 5/11, 2019 at 13:36 Comment(1)
Indeed, options -storepass secret and -srcstorepass secret do the trick. Options -srckeypass and -destkeypass as shown by keytool -importkeystore -h have no effect at all (at least in Java 11). Thanks for sharing! - Waki
1

It seems keytool always requires a password for both the store and the key. There is no way around it.

Dampen answered 21/1, 2018 at 1:2 Comment(1)
A password is always required, but the prompt can be avoided as other answers mention. - Phlox
