Skip to content

Instantly share code, notes, and snippets.

@kumar-de

kumar-de/JKS-to-PKCS12-to-PEM.md

Last active May 6, 2020 15:21
Show Gist options
  • Save kumar-de/792730a72ebd68a81e10ef140e7568c4 to your computer and use it in GitHub Desktop.
Save kumar-de/792730a72ebd68a81e10ef140e7568c4 to your computer and use it in GitHub Desktop.
Download ZIP
Convert from JKS keystore to PKCS format #JKS #PKCS #truststore #certs #certificate #key #pem #ssl #openssl
Raw
JKS-to-PKCS12-to-PEM.md

List keystore/truststore entries

keytool -list -v -keystore keystore.jks

Use Java keytool to convert from JKS to P12

Export from keytool's proprietary format (called "JKS") to standardized format PKCS #12:

keytool -importkeystore -srckeystore keystore.jks -destkeystore keystore.p12 -deststoretype PKCS12 -srcalias <jkskeyalias> -deststorepass <password> -destkeypass <password>

Then use openssl to export from P12 to PEM

Export certificate using openssl:

openssl pkcs12 -in keystore.p12  -nokeys -out cert.pem

Export unencrypted private key:

openssl pkcs12 -in keystore.p12  -nodes -nocerts -out key.pem

For bundle, just copy the public key from cert.pem file to another file called bundle.pem.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment