Saturday, February 2, 2008

KeyTool IUI to generate and manage EC keys and certificates

Came across this neat tool to generate EC/Elliptic Curve keys and certificates (in addition to DSA and RSA Keys). Keys can be stored in a keystore of a JKS/JCEKS format. It is a nice GUI based tool that can even create certificates from entries stored in the key store.

Some quick steps on how to get started with your first EC Key Pair and certificate:

  1. Select View -> Select -> Create -> KeyStore and create a keystore
  2. Select View -> Select -> Create -> KeyStore Entry -> EC Key to create a EC Key
    1. EC Keys can be created with 192, 239 and 256 bits
    2. Signature algorithms are available SHA1withECDSA upto SHA512ECDSA
    3. It supports X500 Certificate v1 and v3
  3. Go to View -> Select Task -> Export -> Certificate -> From Private Key Entry to create your first EC Certificate.

Voila !!!!

KeyTool IUI is available here:

Another link on how to do certain tasks using this tool:


ban said...

New location for keyTool IUI:

keyTool IUI is now an open-source project

ban said...

keyTool IUI, v. 2.4.1 can be downloaded at

edulib said...

If you want to replace keytool with a GUI tool then you can also use CERTivity.

It can handle different types of keystores (JKS, JCEKS, PKCS12, BKS, UBER, Windows) and digital signatures.