4 Security Tools and Commands

You use specific JDK security tools and commands to set security policies on your local system and create applications that can work within the scope of the security policies set at remote sites.

The following sections describe the security tools and commands used to set security policies and to create applications:

  • keytool: You use the keytool command and options to manage a keystore (database) of cryptographic keys, X.509 certificate chains, and trusted certificates.

  • jarsigner: You use the jarsigner tool to sign and verify Java Archive (JAR) files.

  • policytool: You use policytool to read and write a plain text policy file based on user input through the utility GUI.


    The policytool tool has been deprecated in JDK 9 and might be removed in the next major JDK release.

The following sections describe the Kerberos security tools and commands for Windows systems:

  • kinit: You use the kinit tool and its options to obtain and cache Kerberos ticket-granting tickets.

  • klist: You use the klist tool to display the entries in the local credentials cache and key table.

  • ktab: You use the ktab tool to manage the principal names and service keys stored in a local key table.