Actually, just to pedantically clear up one potential source of confusion -- you're not getting a list of keys, you're getting a list of aliases for entries, which can be one of three things:
1) A trusted certificate entry (what "trusted" means here depends on how the keystore is being used) -- the ones in the cacerts file are "really trusted" -- the normal Certificate Authority certs. 2) An entry containing a private key and its corresponding public certificate. 3) A secret key entry (for non-public-key encryption). I would guess (purely a guess) that the GCJ version is deemed incompatible because of minor variations in the command-line syntax -- such as here -- or possibly text output format. Android really shouldn't be using the command-line tool at all, except in documentation. But indeed, I would want to ensure I was using a supported version for production use. Keytool is perverse. There's no way to just create a keystore for later use. You can create one with a keypair, and delete it. You can't import a private key and certificate in any of the usual standalone formats, but you can import from a keystore. The -list command with the -rfc argument is how you extract a certificate. If you want to extract a private key into another format, you'll need to write code. But it's not just Java. OpenSSH is even more perverse. -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en