Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
generate self signed certificate with keytool

To generate a self-signed SSL certificate using the keytool command on Windows, Mac, or Linux:

  • Open a command prompt or terminal.

  • Run this command:

    keytool -genkey -keyalg RSA -alias tomcat -keystore selfsigned.jks \ -validity -keysize 2048

Where <days> indicate the number of days for which the certificate will be valid.
  • Enter a password for the keystore. Note this password as you require this for configuring the server.

  • When prompted for first name and last name, enter the domain name of the server. For example, myserver or

  • Enter the other details, such as Organizational Unit, Organization, City, State, and Country.

  • Confirm that the information entered is correct.

  • When prompted with Enter key password for , press Enter to use the same password as the keystore password.

  • Run this command to verify the contents of the keystore:

    keytool -list -v -keystore selfsigned.jks

  • When prompted, enter the keystore password note in Step 3. The basic information about the generated certificate is displayed. Verify that the Owner and Issuer are

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment