If the supplier gave you a PKCS12 file, then feel free to use the
following to import the key and certificate into your JKS keystore.
Not a lot of error-checking in here, since I use it for my personal
use.

Arshad Noor
StrongAuth, Inc.


------------------------

import java.security.*;
import java.io.*;

class p12jkstool
{
    // Note: passwords given as command-line arguments are visible in the
    // process list and in shell history.
    static public void main(String[] args) throws Exception
    {
        if (args.length < 7)
        {
            System.err.println("Usage: java p12jkstool <pkcs12-file> <pkcs12-password> <pkcs12-alias> <jks-keystore> <jks-password> <jks-alias> <new-jks-keystore>");
            return;
        }

        String p12file  = args[0];
        String p12pin   = args[1];
        String p12alias = args[2];
        String jksfile  = args[3];
        String jkspin   = args[4];
        String jksalias = args[5];
        String newjks   = args[6];

        try
        {
            // pkcs12 keystore
            KeyStore pks = KeyStore.getInstance("pkcs12");
            // jks keystore
            KeyStore jks = KeyStore.getInstance("jks");

            // load the pkcs12 file (stream is closed when the block exits)
            try (InputStream in = new FileInputStream(p12file))
            {
                pks.load(in, p12pin.toCharArray());
            }

            // load the jks file (have to have an existing one)
            try (InputStream in = new FileInputStream(jksfile))
            {
                jks.load(in, jkspin.toCharArray());
            }

            // read the p12 certificate chain and private key; the key is
            // expected to be protected with the same password as the p12 file
            java.security.cert.Certificate[] cc = pks.getCertificateChain(p12alias);
            Key k = pks.getKey(p12alias, p12pin.toCharArray());
            if (k == null || cc == null)
            {
                // getKey/getCertificateChain return null for an unknown alias
                System.err.println("No key entry found in PKCS12 file for alias: " + p12alias);
                return;
            }

            // add to keystore and save; the new key entry is protected
            // with the jks keystore password
            jks.setKeyEntry(jksalias, k, jkspin.toCharArray(), cc);
            try (OutputStream out = new FileOutputStream(newjks))
            {
                jks.store(out, jkspin.toCharArray());
            }
            System.out.println("Transferred P12 key to new JKS keystore: " + newjks);

        } catch (Exception ex) {
            ex.printStackTrace();
        }
    }
}

------------------------

Ed Sweet wrote:

My main question here is what procedure should I be using to create the keystore from keys/certificates supplied by a third-party? I can use the test keystore supplied with the xml-security library with my code no problem, it's just when I try and use a keystore I've created myself I get this exception. What procedure do you use?

Thanks for your help,

