• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

Mister PKI

SSL Certificates * SSL Tools * Certificate Decoder

  • Buy SSL Certificates
  • Blog
  • OpenSSL
  • Keytool
  • SSL Tools
  • Donate

keytool alias -changealias – How to change a private key alias

February 25, 2021 by Mister PKI Leave a Comment

What is Java keytool?

The Java keytool is a command-line utility used to manage keystores in different formats containing keys and certificates. You can use the java keytool to change a private key alias in a keystore. In many respects, it’s a competing utility with openssl for keystore, key, and certificate management.

What is a keytool private key alias?

The alias on a private key entry in a keystore is simply a word or name to quickly identify the private key. The alias can be practically anything you want it to be and is for readability purposes. When listing the content of a keystore, a human identifiable alias is helpful. When used by a software program, human readability is less important, however, developers usually still choose an easily readable and identifiable alias. Keytool provides a function for changing the alias name with the changealias flag, detailed below.

What keytool command do I use to change a private key alias?

Use this command to change the private key alias in a keystore. The result will be a new alias on the key entry. Many times when generating a keystore, the alias option is ignored, giving the private key entry a generic alias. If that is the case, many times the alias will be “1” or if imported from another keystore, the previous alias for that entry. To use keytool change alias, run this command.

keytool -changealias \
 -alias example \
 -destalias example.com \
 -keypass changeit \
 -keystore example.p12 \
 -storepass changeit \
 -storetype PKCS12 \
 -v

Java keytool options:

Options breakdown:

-alias – The alias of the private key entry to be changed.

-destalias – The alias of the private key entry after completion of the command.

-keypass – The password of the private key. This should have been set to be the same as the keystore password. We recommend leaving this option off and letting keytool prompt you instead of writing your password in plain text here.

-keystore – The keystore file.

-storepass – The keystore password. We recommend leaving this option off and letting keytool prompt you instead of writing your password in plain text here.

-storetype – Recommended keystore types include PKCS12 and JKS. In this case, the keystore was of type PKCS12.

-v – Verbose

keytool alias
keytool alias

Here are the official keytool docs to dive further into how to use java keytool to change a private key’s alias. https://docs.oracle.com/javase/10/tools/keytool.htm#GUID-5990A2E4-78E3-47B7-AE75-6D1826259549__MANAGETHEKEYSTORE-507D231A

Read all of our blog content.

keytool

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Popular Posts

PKCS12

openssl s_client

Keytool

Keytool list

ECDSA vs RSA

OpenSSL

PKCS7

Certificate Decoder

Training Courses

Top online courses in IT & Software

Cyber Security Training

Udemy - The Complete Internet Security Privacy Course icon

Buy SSL Certificates

The SSL Store

Comodo Store

Sectigo Store

RapidSSL

Recent Posts

  • NetScaler ADC configuration history
  • Remove CA from Domain in Active Directory
  • pfx password
  • pkcs12
  • Sendmail vs Postfix – Mail Transfer Agent Comparison

Footer

  • Twitter
  • YouTube

Pages

  • About Mister PKI
  • Blog
  • Compare and Buy Affordable PKI Certificates
  • Contact Us
  • Full Disclosure
  • Privacy Policy
  • SSL Tools – Certificate Decoder and Certificate Checker

Copyright © 2022