dmkeytool - Manage keystores

Use this command to manage keystores for encryption.

Note: You can use the keytool -importcert command instead of dmkeytool.

Syntax

dmkeytool -importcertchain -file certificate_chain_file -keystore private_keystore_file -storepass password
[-storetype JKS | JCEKS | PKCS12] -alias alias [-L locale]

Parameters

-importcertchain
Specifies to replace the certificate chain of a private key in a keystore.
-file certificate_chain_file
Specifies the absolute path to the PEM file that contains the chain of certificates in X.509 format.
-keystore private_keystore_file
Specifies the absolute path to the private keystore file.
-storepass password
Specifies the password of the keystore and the keys that are contained within it.
-storetype JKS | JCEKS | PKCS12
Specifies the keystore type of the private keystore file.
-alias alias
Specifies the alias of the private key in the private keystore file.
-L locale
The name of the locale that is used for the CDC Replication instance. The default is the machine locale.

Result

This command returns a value of 0 if the command was successful and a non-zero value if the command fails.

Example

dmkeytool -importcertchain -file /certs/certchain.pem -keystore /keystores/keys.jks
-storepass password -storetype JKS -alias mykey

Imports the /certs/certchain.pem PEM file and replaces the certificate chain of mykey in the /keystores/keys.jks private keystore file without changing the private key.