UNIX in a Nutshell: System V Edition

UNIX in a Nutshell: System V EditionSearch this book
Previous: Reference: javahChapter 2
Unix Commands		Next: Reference: javald
 

javakey

/usr/java/bin/javakey [options]

Solaris only. Java security tool. Use javakey to generate digital signatures for archive files, and to build and manage a database of entities, their keys and certificates, and indications of their "trusted" (or nontrusted) status.

The leading - on options may be omitted. Only one option may be specified per javakey invocation.

Options

In the option arguments below, an id_or_signer is either a secure ID or a secure signer already in the database.

-c identity [true | false]

Create a new database identity named identity. The optional true or false is an indication as to whether the identity can be trusted. The default is false.

-cs signer [true | false]

Create a new signer in the database named signer. The optional true or false is an indication of whether the signer can be trusted. The default is false.

-dc file

Display the certificate in file.

-ec id_or_signer cnum cfile

Export certificate cnum from id or signer to cfile. The number must be one previously created by javakey.

-ek id_or_signer public [private]

Export the public key for id or signer to file public. Optionally, export the private key to file private. The keys must be in X.509 format.

-g signer algorithm ksize [public] [private]

Shortcut for -gk to generate a key pair for signer.

-gc file

Generate a certificate according to the directives in file.

-gk signer algorithm ksize [public] [private]

Generate a key pair for signer using standard algorithm algorithm, with a key-size of ksize bits. The public key is placed in the file public, and the private key in file private. Exporting private keys should be done with caution.

-gs dfile jarfile

Sign the Java Archive file jarfile according to directives in dfile.

-ic id_or_signer csrcfile

Associate the public key certificate in csrcfile with the named id or signer. This certificate must match a preexisting one, if there is one. Otherwise, this certificate is assigned to the id or signer.

-ii id_or_signer

Supply information about the id or signer. javakey reads information typed interactively. End the information with a line containing a single dot.

-ik identity ksrcfile

Associate the public key in ksrcfile with identity. The key must be in X.509 format.

-ikp signer public private

Import the key pair from files public and private and associate them with signer. The keys must be in X.509 format.

-l

List the usernames of all identities and signers in the database.

-ld

Like -l, but provide detailed information.

-li id_or_signer

Provide detailed information just about the named id or signer.

-r id_or_signer

Remove the id or signer from the database.

-t id_or_signer [true | false]

Set or reset the trust level for id or signer.

Examples

Create a new identity, arnold, who is to be trusted:

javakey -c arnold true

List detailed information about arnold:

javakey -li arnold

Previous: Reference: javahUNIX in a Nutshell: System V EditionNext: Reference: javald
Reference: javahBook IndexReference: javald
The UNIX CD Bookshelf NavigationThe UNIX CD BookshelfUNIX Power ToolsUNIX in a NutshellLearning the vi Editorsed & awkLearning the Korn ShellLearning the UNIX Operating System