Keytool: List Certificate – Java Certs

Java stores certificates in keystore files.

For example, the trusted CA certificates, by default, are stored in $JAVA_HOME/jre/lib/security/cacerts file.

The certificates in a Java keystore file can be listed using the keytool -list command and in this short note i will show how to.

Cool Tip: How to find out a Java (JDK/JRE) version! Read more →

List Java Certs using Keytool

List certificates in a Java keystore:

$ keytool -list -v -keystore <PATH_TO_KEYSTORE_FILE>

List a particular certificate in a Java keystore using an alias:

$ keytool -list -v -keystore <PATH_TO_KEYSTORE_FILE> -alias <ALIAS>

For example, to list certificates in cacerts, run:

$ keytool -list -v -keystore $JAVA_HOME/jre/lib/security/cacerts

Cool Tip: Decode SSL certificates using OpenSSL! Read more →