Keytool is not recognized as an internal or external command

You are getting that error because the keytool executable is under the bin directory, not the lib directory in your example. And you will need to add the location of your keystore as well in the command line. There is a pretty good reference to all of this here – Jrun Help / Import certificates | Certificate stores | ColdFusion

The default truststore is the JRE’s cacerts file. This file is typically located in the following places:

  • Server Configuration:cf_root/runtime/jre/lib/security/cacerts
  • Multiserver/J2EE on JRun 4 Configuration:jrun_root/jre/lib/security/cacerts
  • Sun JDK installation:jdk_root/jre/lib/security/cacerts
  • Consult documentation for other J2EE application servers and JVMs

The keytool is part of the Java SDK and can be found in the following places:

  • Server Configuration:cf_root/runtime/bin/keytool
  • Multiserver/J2EE on JRun 4 Configuration:jrun_root/jre/bin/keytool
  • Sun JDK installation:jdk_root/bin/keytool
  • Consult documentation for other J2EE application servers and JVMs

So if you navigate to the directory where the keytool executable is located your command line would look something like this:

keytool -list -v -keystore JAVA_HOME\jre\lib\security\cacert -storepass changeit

You will need to supply pathing information depending on where you run the keytool command from and where your certificate file resides.

Also, be sure you are updating the correct cacerts file that ColdFusion is using. In case you have more than one JRE installed on that server. You can verify the JRE ColdFusion is using from the administrator under the ‘System Information’. Look for the Java Home line.

Leave a Comment