Unable to create CSR certificate

Question

In linux, I am unable to create a CSR file using java with the following command. The same command works when accessing from the terminal directly.

 ../jre/bin/keytool -genkey -alias tomcat -keyalg RSA -keypass "password" -storePass "password" -keysize 2048 -validity 300 -dName "CN=testcn, OU=test, O=ME, L=testch, S=tests, C=testc" -keystore ../jre/bin/ssl.keystore

got below exception:

keytool error: java.lang.RuntimeException: Usage error, OU=test, is not a legal command

Thanks in advance :-)

Answer 1

Instead of passing the command as one string, try separating the command line into individual arguments.

In other words, try replacing

    Process p = Runtime.getRuntime().exec(command)

with

    Process p = Runtime.getRuntime().exec(new String[] {
            "keytool", "-genkey", "-alias", "tomcat", "-keyalg", "RSA", "-keypass", "password", "-storePass", "password", "-keysize", "2048",
            "-validity", "300", "-dName", "CN=testcn, OU=test, O=ME, L=testch, S=tests, C=testc", "-keystore", "test.keystore" });

Alternatively, use a ProcessBuilder:

    ProcessBuilder pb = new ProcessBuilder(
            "keytool", "-genkey", "-alias", "tomcat", "-keyalg", "RSA", "-keypass", "password", "-storePass", "password", "-keysize", "2048",
            "-validity", "300", "-dName", "CN=testcn, OU=test, O=ME, L=testch, S=tests, C=testc", "-keystore", "test.keystore");
    Process p = pb.start();

ProcessBuilders can only be created from a list of command-line arguments, not from a command-line. Runtime.getRuntime().exec(command) splits the command-line using a StringTokenizer and then passes the result to ProcessBuilder, and it appears that a StringTokenizer doesn't make a terribly good job of splitting that command line into its arguments.