Search code examples
javacoldfusionkeytool

Keytool is not recognized as an internal or external command

I am trying to discover the list of trusted authorities in my Java Runtime using the instructions in this article. When I typed the command below:

C:\ColdFusion8\runtime\jre\lib>keytool -list -storepass changeit -noprompt -keystore

I got the following error:

'keytool' is not recognized as an internal or external command, operable program or batch file.

I checked that the directory containing my keytool executable is in the path. (On my Windows 7 machine, it's in C:\Program Files (x86)\Java\jre6\bin) Despite this, the command line will not recognise the keytool command.

I'm assuming that there are two separated commands mentioned in the doc:

  1. C:\CFusionMX\runtime\jre\lib>keytool -list -storepass changeit -noprompt -keystore

  2. C:\CFusionMX\runtime\jre\lib\security\cacerts

EDIT:

By the way can I use the following process instead of complex steps mentioned in the answer?

  1. When I opened the WSDL into my browser, I saw the Lock icon, when I clicked on it a "Certificate" window opened

  2. Then I clicked on "Install Certificate" option

  3. A Certificate Import Wizard window opened, I clicked on Next I saw two options

    • a) Automatically select the certificate store based on the type of certificate (this option was selected automatically)
    • b) Place all certificates in the following store

I decided to select option (b), but I'm confused which certificate store I should select here.

Solution

  • You are getting that error because the keytool executable is under the bin directory, not the lib directory in your example. And you will need to add the location of your keystore as well in the command line. There is a pretty good reference to all of this here - Jrun Help / Import certificates | Certificate stores | ColdFusion

    The default truststore is the JRE's cacerts file. This file is typically located in the following places:

    • Server Configuration:

      cf_root/runtime/jre/lib/security/cacerts

    • Multiserver/J2EE on JRun 4 Configuration:

      jrun_root/jre/lib/security/cacerts

    • Sun JDK installation:

      jdk_root/jre/lib/security/cacerts

    • Consult documentation for other J2EE application servers and JVMs

    The keytool is part of the Java SDK and can be found in the following places:

    • Server Configuration:

      cf_root/runtime/bin/keytool

    • Multiserver/J2EE on JRun 4 Configuration:

      jrun_root/jre/bin/keytool

    • Sun JDK installation:

      jdk_root/bin/keytool

    • Consult documentation for other J2EE application servers and JVMs

    So if you navigate to the directory where the keytool executable is located your command line would look something like this:

    keytool -list -v -keystore JAVA_HOME\jre\lib\security\cacert -storepass changeit

    You will need to supply pathing information depending on where you run the keytool command from and where your certificate file resides.

    Also, be sure you are updating the correct cacerts file that ColdFusion is using. In case you have more than one JRE installed on that server. You can verify the JRE ColdFusion is using from the administrator under the 'System Information'. Look for the Java Home line.