Hi,
What I did was this:
1) I created a keystore with a new private key via:
keytool -genkey
... which will create a JKS keystore
2) I then load the PKCS12 keystore
    // Imports needed by the fragments in steps 2 to 4
    import java.io.FileInputStream;
    import java.io.FileOutputStream;
    import java.security.Key;
    import java.security.KeyStore;
    import java.security.cert.Certificate;
    import java.security.cert.X509Certificate;
    import java.util.Enumeration;

    KeyStore inputKeyStore = KeyStore.getInstance( "PKCS12" );
    inputKeyStore.load( new FileInputStream( "replace_with_your_PKCS12_keystore.p12" ), "replace_with_your_passphrase".toCharArray() );
3) I then load the JKS keystore
    KeyStore outputKeyStore = KeyStore.getInstance( "JKS" );
    outputKeyStore.load( new FileInputStream( "replace_with_your_JKS_keystore.jks" ), "replace_with_your_JKS_passphrase".toCharArray() );
4) I then load the certs from the PKCS12 and store them into the JKS keystore:
    Enumeration aliases = inputKeyStore.aliases();
    String alias;
    Certificate certs[];
    Certificate cert;
    X509Certificate x509cert;
    Key key = null;
    while( aliases.hasMoreElements() ) {
        alias = (String) aliases.nextElement();
        key = null; // do not carry a key over from the previous alias
        System.out.println( "Alias: " + alias + " =========================== " );
        if( inputKeyStore.isKeyEntry( alias ) ) {
            // The passphrase protecting the private key inside the PKCS12 file
            key = inputKeyStore.getKey( alias, "replace_with_your_passphrase".toCharArray() );
            System.out.println( "Private Key Type: " + key.getClass().getName() );
            System.out.println( "Private Key Algorithm: " + key.getAlgorithm() );
            System.out.println( "Private Key Format: " + key.getFormat() );
        }
        certs = inputKeyStore.getCertificateChain( alias );
        System.out.println( "Certificate chain has " + certs.length + " entries." );
        for( int i = 0 ; i < certs.length; i++ ) {
            cert = certs[ i ];
            System.out.println( " ----------------------------------- " );
            System.out.println( "\tType: " + cert.getType() );
            System.out.println( "\tIsKey: " + inputKeyStore.isKeyEntry( alias ));
            System.out.println( "\tIsCertificate: " + inputKeyStore.isCertificateEntry( alias ));
            if( cert instanceof X509Certificate ) {
                x509cert = ( X509Certificate ) cert;
                System.out.println( "\tSubject: " + x509cert.getSubjectDN().getName() );
                System.out.println( "\tIssuer: " + x509cert.getIssuerDN().getName() );
            }
            System.out.println( "\tPublic Key Algorithm: " + cert.getPublicKey().getAlgorithm() );
            System.out.println( "\tPublic Key Format: " + cert.getPublicKey().getFormat() );
        }
        // Copy the private key and its chain under the same alias
        if( key != null ) {
            outputKeyStore.setKeyEntry( alias, key, "replace_with_your_JKS_passphrase".toCharArray(), certs );
        }
    }
    System.out.println( "Saving to new keystore ... " );
    outputKeyStore.store( new FileOutputStream( "replace_with_your_JKS_keystore.jks" ), "replace_with_your_JKS_passphrase".toCharArray() );
    System.out.println( "New keystore saved " );
5) I then repeat the same process for each PKCS12 file.
Tim Wild wrote:
Hi,
Can anyone tell me how to get my client certificate, complete with private key, into my Java keystore? I have my openssl generated certificate and private key in .pem files. I can get it in sometimes, but never with private key, and if I do get it in I get errors when I try to use Java to present the client cert. I've read LOTS of guides on the web, but none seem accurate.
I managed this yesterday, but I can't work out how I did it... this key/keystore/certificate stuff's driving me crazy!
Many thanks for any ideas
Tim
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
Jesus M. Salvo Jr.
Mobile Internet Group Pty Ltd
(formerly Softgame International Pty Ltd)
M: +61 409 126699
T: +61 2 94604777
F: +61 2 94603677
PGP Public key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0BA5348
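
A check for the result of the conversion described in the reply above, added here as an example and not part of the original post: it lists each alias in a keystore and confirms that a private key is present and matches the first certificate of its chain. The class name VerifyKeyEntries is hypothetical, and the key passphrase is assumed to be the same as the keystore passphrase.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.util.Collections;

// Added example (hypothetical class name): per alias, is a private key present and does it match the certificate?
public class VerifyKeyEntries {
    // Sign a probe with the private key, then verify it with the certificate's public key.
    static boolean keyMatchesCertificate(PrivateKey priv, Certificate cert) throws Exception {
        String alg = priv.getAlgorithm().equals("EC") ? "SHA256withECDSA" : "SHA256with" + priv.getAlgorithm(); // RSA, DSA
        byte[] probe = "keystore-self-test".getBytes(StandardCharsets.UTF_8);
        Signature signer = Signature.getInstance(alg);
        signer.initSign(priv);
        signer.update(probe);
        byte[] sig = signer.sign();
        Signature verifier = Signature.getInstance(alg);
        try {
            verifier.initVerify(cert.getPublicKey());
            verifier.update(probe);
            return verifier.verify(sig);
        } catch (java.security.InvalidKeyException | SignatureException e) {
            return false; // wrong key type or size: the pair does not match
        }
    }
    // Usage: java VerifyKeyEntries <keystore file> <JKS|PKCS12>
    public static void main(String[] args) throws Exception {
        // Read the passphrase from the terminal so it never appears in the process list or shell history
        if (System.console() == null) throw new IllegalStateException("needs an interactive terminal");
        char[] pass = System.console().readPassword("Keystore passphrase: ");
        KeyStore ks = KeyStore.getInstance(args[1]);
        try (InputStream in = new FileInputStream(args[0])) {
            ks.load(in, pass);
        }
        for (String alias : Collections.list(ks.aliases())) {
            Key key = ks.isKeyEntry(alias) ? ks.getKey(alias, pass) : null; // assumes key passphrase == store passphrase
            if (!(key instanceof PrivateKey)) {
                System.out.println(alias + ": no private key (certificate-only entry)");
                continue;
            }
            Certificate[] chain = ks.getCertificateChain(alias);
            System.out.println(alias + ": private key present, chain length " + chain.length
                    + ", matches certificate: " + keyMatchesCertificate((PrivateKey) key, chain[0]));
        }
    }
}
```

Run it against both the source PKCS12 file and the resulting JKS file; an alias reported as certificate-only in the JKS output means the private key was not carried over.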