Summary of JDK 1.2 Security Tools

Last Modified: 6 October, 1997

Below is a brief summary of the Security Tools, with links to the more detailed documentation.

The keytool, jar, jarsigner, and policytool tools are included as tools in the sun.* packages. (Note: the jar tool was also available in JDK 1.1.)

The keytool and jarsigner tools replace javakey, which was an interim tool introduced in JDK 1.1. These new tools provide more features than javakey, including the ability to protect the keystore and private keys with passwords, and the ability to verify signatures in addition to generating them. The new keystore architecture replaces the identity database that javakey created and managed. It is possible to import the information from an identity database into a keystore, via a keytool command.

keytool (for Solaris) (for Windows)

Use keytool to create public/private key pairs and self-signed X.509 v1 certificates, and to manage keystores. Keys and certificates are used to digitally sign your Java applications and applets (see jarsigner below). A keystore is a protected database that holds keys and certificates for an enterprise. Access to a keystore is guarded by a password (defined at the time the keystore is created, by the person who creates the keystore, and changeable only when providing the current password). In addition, each private key in a keystore can be guarded by its own password.

jar (for Solaris) (for Windows)

Use jar to create JAR files. JAR is the Java Archive format, which is the ZIP format plus some meta-data files.

jarsigner (for Solaris) (for Windows)

Use jarsigner to sign JAR files, or to verify signatures on signed JAR files. jarsigner accesses the keystore that is created and managed by keytool, when it needs to find the private key to use when signing a JAR file. Since accesses to the keystore and to private keys are protected by passwords, only people who know the passwords will be able to access a key and use it to sign a JAR file. jarsigner prompts for needed passwords.

policytool GUI tool (for Solaris) (for Windows)

Use policytool to create and modify the external policy configuration files that define your installation's Java security policy. The policy is described in the Security Architecture Specification. Further information is provided in Default Policy Implementation and Policy File Syntax.


Copyright © 1997-98 Sun Microsystems, Inc. All Rights Reserved.

Please send comments to: java-security@java.sun.com. This is not a subscription list.
Sun
Java Software Division