Java keystore

# List what is in keystore
keytool -list -v -keystore /path/to/keystore.jks-storepass keystore_password
 
# Add certificate (public key) to keystore
keytool -import -alias certificate_alias -file project.crt  -keystore /path/to/project.jks -storepass keystore_password

#Export certificate (public key) from keystore
keytool -exportcert -rfc -file export.crt -keystore /path/to/project.jks -alias certificate_alias -storepass keystore_password
 
# Delete certificate (public key) from keystore 
keytool -delete -keystore /path/to/project.jks -alias certificate_alias -storepass keystore_password
 
#Create Keystore with keypair imported from pem + crt or add another keypair to keystore (pem to jks)
cat project.crt project.ca >project-chain.crt
openssl pkcs12 -export -in project-chain.crt -inkey project.key >project.p12
keytool -importkeystore -srckeystore project.p12 -srcstoretype pkcs12 -srcalias 1 -destalias project_keypair -destkeystore /path/to/project.jks
 
#Change password of keypair in keystore
keytool -keypasswd -alias project_keypair  -keystore /path/to/project.jks

#Private key export from keystore (jks to pem)
keytool -importkeystore -srckeystore  /path/to/project.jks -srcalias project_keypair  -destkeystore keystore.p12 -deststoretype PKCS12 -keypass key_password -storepass keystore_password
openssl pkcs12 -in keystore.p12 -out private.pem

see also openssl

  • No labels

Site may be often unavailable due to Russian invasion, but you can Help Ukraine