Generates a key in a keystore.
| Attribute | Description | Required |
|---|---|---|
| alias | the alias to add under | Yes. |
| storepass | password for keystore integrity. Must be at least 6 characters long | Yes. |
| keystore | keystore location | No |
| storetype | keystore type | No |
| keypass | password for private key (if different) | No |
| sigalg | the algorithm to use in signing | No |
| keyalg | the method to use when generating name-value pair | No |
| verbose | (true|false) verbose output when signing |
No |
| dname | The distinguished name for entity | Yes unless <dname> element is specified |
| saname | The subject alternative name for entity. Requires Java 7 or higher. | No |
| validity | (integer) indicates how many days certificate is valid | No |
| keysize | (integer) indicates the size of key generated | No |
Alternatively you can specify the distinguished name by creating a <dname>
sub-element and populating it with <param> elements that have a name
and a value. When using the subelement, it is automatically encoded properly and commas
(,
) are replaced with \,
.
The following two examples are identical:
<genkey alias="apache-group" storepass="secret"
dname="CN=Ant Group, OU=Jakarta Division, O=Apache.org, C=US"/>
<genkey alias="apache-group" storepass="secret">
<dname>
<param name="CN" value="Ant Group"/>
<param name="OU" value="Jakarta Division"/>
<param name="O" value="Apache.Org"/>
<param name="C" value="US"/>
</dname>
</genkey>