dmkeytool - Manage keystores
Use this command to manage keystores for encryption.
Note: You can use the keytool -importcert command instead of dmkeytool.
Syntax
dmkeytool -importcertchain -file certificate_chain_file -keystore private_keystore_file -storepass password
[-storetype JKS | JCEKS | PKCS12] -alias alias [-L locale]
Parameters
- -importcertchain
- Specifies to replace the certificate chain of a private key in a keystore.
- -file certificate_chain_file
- Specifies the absolute path to the PEM file that contains the chain of certificates in X.509 format.
- -keystore private_keystore_file
- Specifies the absolute path to the private keystore file.
- -storepass password
- Specifies the password of the keystore and the keys that are contained within it.
- -storetype JKS | JCEKS | PKCS12
- Specifies the keystore type of the private keystore file.
- -alias alias
- Specifies the alias of the private key in the private keystore file.
- -L locale
- The name of the locale that is used for the CDC Replication instance. The default is the machine locale.
Result
This command returns a value of 0 if the command was successful and a non-zero value if the command fails.
Example
dmkeytool -importcertchain -file /certs/certchain.pem -keystore /keystores/keys.jks
-storepass password -storetype JKS -alias mykey
Imports the /certs/certchain.pem PEM file and replaces the certificate chain of mykey in the /keystores/keys.jks private keystore file without changing the private key.