Using the keytool utility
You use the keytool utility to obtain a digitally signed identity certificate to replace the self-signed certificate. This utility is available with Oracle JDKs and BMC Atrium Atrium Single Sign-On.
The keytool utility must be available within the shell command environment to generate a certificate signing request (CSR) or to import a CA signed certificate.
The following topics are provided:
To verify that the keytool utility is available
- Open a shell command window.
- In the command prompt, invoke the keytool utility:
- (For Microsoft Windows) Type keytool.exe and press Enter.
(For UNIX) Type keytool and press Enter.
You can use the keytool utility from Oracle JDK Java 1.5 or 1.6.
If the keytool utility is available, a help message is generated that shows the keytool options. The following help output is relevant to generating the CSR:
-certreq [-v] [-protected] [-alias <alias>] [-sigalg <sigalg>] [-file <csr_file>] [-keypass <keypass>] [-keystore <keystore>] [-storepass <storepass>] [-storetype <storetype>] [-providername <name>] [-providerclass <provider_class_name> [-providerarg <arg>]] ... [-providerpath <pathlist>]
- Proceed with generating and importing CA certificates.
If the keytool utility is not available, proceed with setting up the environment.
Configuring the environment
Before you run the keytool utility, you must initialize the environment variable path with the location of the keytool.
Update the following path:
In UNIX, the keytool program is called keytool. In Windows, the program is called keytool.exe.
- For Windows:
- For UNIX: