CAST AIP - SSL - Secure Socket Layer (SSL) Tools

This section deals with Secure Socket Layer (SSL) tools .  These tools help with management and storage of certificates and keys used in SSL.


Applicable in CAST Version



8.3.x (tick)



See the sections below for information on these tools:




  • A Java keystore maintains keys and certificates in a secure manner in a repository.
  • keytool is a Java utility that is part of the Java JDK which allows for performing tasks on a Java keystore.
  • Basic operations are:
    • listing contents (keytool -list)
      • Example:  keytool -list -keystore <keystore_path>
    • importing certificates (keytool -import)
      • Example for importing into root certificates - see documentation below for further information:  keytool  -import -trustcacerts -file <certificate_path> -alias <alias_name> -keystore <keystore_path>
    • exporting certificates (keytool - export)
      • Example:  keytool  -export -file <export_path> -alias <alias_name> -keystore <keystore_path>
    • Deleting certificates (keytool -delete)
      • Example:  keytool -delete -alias <alias_name> -keystore <keystore_path>
    • generating certificates (see documentation below to fully understand the options)

For further information, please see:



  • Openssl is a command line tool that generally needs to be compiled or added to an operation system
  • Openssl is used in encryption
  • It can be used to manipulate certificates and/or create certain kinds of certificates (for example to convert a *.crt file and private key into a *.pk7 certificate)

For further information, please see:





Have more questions? Submit a request


Powered by Zendesk