I would like to check lifetime of public certificates located in a keystore using keytool.exe. Via the command line I would be asked for a password. Just pressing “ENTER” shows expected information. Now I would like to automate this for monitoring reasons but don’t get any certificate information:
$keystore = "E:\Recommind\AXC\properties\security\caKeystore.publicprivate"
Set-Location "E:\Recommind\GAIA\jdk\bin"
$params = @{
    FilePath = "E:\Recommind\GAIA\jdk\bin\keytool.exe"
    ArgumentList = '-v', '-list', "-keystore $keystore", '-storepass'
    RedirectStandardOutput = "c:\temp\keystore.txt"
    PassThru = $true
}
$proc = Start-Process @params
Any ideas what’s missing/wrong?
This solution stores the default Java keystore password in plaintext. This can be a security issue in some cases. After running the code, your keystore.txt will contain the contents of the keystore.
$keystore = 'E:\Recommind\AXC\properties\security\caKeystore.publicprivate'
$mypass = 'changeit'
Set-Location 'E:\Recommind\GAIA\jdk\bin'
$params = @{
    FilePath = 'E:\Recommind\GAIA\jdk\bin\keytool.exe'
    ArgumentList = "-v -list -keystore $keystore -storepass $mypass"
    RedirectStandardOutput = 'c:\temp\keystore.txt'
    PassThru = $True
}
$proc = Start-Process @params
Thanks. I don’t know if it is a common behavior - when running keytool and answering password with ENTER only public information will be shown. And this is the way I want to go. Right now I have a workaround by using a textfile as output:
$keystore = "E:\Recommind\AXC\properties\security\caKeystore.publicprivate"
$keytoolOutput = Start-Process -FilePath "E:\Recommind\GAIA\jdk\bin\keytool.exe" -ArgumentList "-v", "-list", "-keystore $keystore", "-storepass" -PassThru -Wait -NoNewWindow | Out-File "c:\temp\certout.txt"
I would prefer using a variable instead …
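An added example, not code from any poster in this thread: one way to get the `keytool -v -list` text into a variable and turn it into expiry objects for monitoring, without a store password in the script or on the command line. The function name `Get-KeystoreCertExpiry`, the `WarnDays` threshold and the sample aliases are hypothetical; it assumes keytool prints its English `Alias name:` / `Valid from: ... until: ...` lines and that it accepts an empty password from redirected stdin as it does interactively.

```powershell
# Parse `keytool -v -list` text into one object per certificate (alias + expiry).
function Get-KeystoreCertExpiry {
    param(
        [string[]]$KeytoolOutput,   # lines as returned by the call operator (&)
        [int]$WarnDays = 30         # hypothetical alert threshold
    )
    $alias = $null
    foreach ($line in $KeytoolOutput) {
        if ($line -match '^Alias name:\s*(.+)$') { $alias = $Matches[1].Trim(); continue }
        # Java prints e.g. "until: Wed Jan 01 00:00:00 CET 2025". The weekday and
        # time-zone tokens are skipped; day-level accuracy is enough for monitoring.
        if ($line -match '^Valid from:.+?until:\s*\w{3} (\w{3} \d{2} \d{2}:\d{2}:\d{2}) \S+ (\d{4})\s*$') {
            $notAfter = [datetime]::ParseExact("$($Matches[1]) $($Matches[2])",
                'MMM dd HH:mm:ss yyyy', [cultureinfo]::InvariantCulture)
            $daysLeft = [int][math]::Floor(($notAfter - (Get-Date)).TotalDays)
            # An entry with a certificate chain yields several objects with the same alias.
            [pscustomobject]@{
                Alias    = $alias
                NotAfter = $notAfter
                DaysLeft = $daysLeft
                Expiring = $daysLeft -lt $WarnDays
            }
        }
    }
}

# Constructed sample of keytool output (not taken from a real keystore).
$sample = @'
Alias name: rootca
Entry type: trustedCertEntry
Valid from: Mon Jan 01 00:00:00 CET 2024 until: Wed Jan 01 00:00:00 CET 2025

Alias name: issuingca
Entry type: trustedCertEntry
Valid from: Mon Jan 01 00:00:00 CET 2024 until: Sun Jan 01 00:00:00 CET 2034
'@ -split '\r?\n'
Get-KeystoreCertExpiry -KeytoolOutput $sample | Format-Table

# Live use with the paths from the thread. The empty string piped to stdin
# answers the password prompt like pressing ENTER (assumption, see lead-in);
# the prompt and warnings go to stderr and are discarded.
# $keytool  = 'E:\Recommind\GAIA\jdk\bin\keytool.exe'
# $keystore = 'E:\Recommind\AXC\properties\security\caKeystore.publicprivate'
# $out = '' | & $keytool -v -list -keystore $keystore 2>$null
# Get-KeystoreCertExpiry -KeytoolOutput $out | Where-Object Expiring
```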