Home 
jksExportKey
jksExportKey
jksExportKey
It is a utility for extracting Private Keys from Java Key Store. I don't know why, but this functionality does not exist in keytool, provided with the JDK.
Downloads:
HOW-TO for usege of the .jar file:
This is a linux shell script. The analogue .bat file for Windows will be almost the same.
java -jar <jar.file> <jks.file> <alias.in.jks> <jks.password> > <private-key.pkcs8.key>
HOW-TO for extracting all information from JKS :
#!/bin/bash
# CONFIG SECTION **************
JKS=joroKeyStore.jks
JKSP=thepassword
ALIAS=https
ALIASP=otherpassword
KEYSIZE=2048
KEYSIZE=1024
VALIDITY=1500
KEYTOOLARG=-v
SLEEP=1
JKSEXPORTKEYJAR=/path/to/jar/jksExportKey-1.0.jar
# FUNCTIONAL SECTION ****************
# You normally hane not to touch something below
# CopyRight, miteff.com, package jksExportKey, LegoMit
echo .
echo ____Old $JKS will be deleted...
sleep $SLEEP
rm $JKS
echo .
echo ____ Generating a $JKS keystore with an alias $ALIAS inside...
keytool -genkey $KEYTOOLARG -dname "CN=Georgi Mitev,OU=R&D,O=miteff.com,L=Sofia,ST=Bulgaria,C=BG" -alias $ALIAS -keypass "$ALIASP" -keystore $JKS -storepass "$JKSP" -keyalg "RSA" -keysize $KEYSIZE -validity $VALIDITY
echo .
echo ____ Showing the information in the keystore...
keytool -list -keystore joroKeyStore.jks -storepass "$JKSP"
echo .
echo ____ Showing the information $ALIAS in the keystore...
keytool -list -v -keystore joroKeyStore.jks -alias $ALIAS -storepass "$JKSP"
echo .
echo ____ Exporting to .der.crt
keytool -export -keystore $JKS -alias $ALIAS -file $ALIAS.der.crt -storepass "$JKSP"
echo .
echo ____ Showing information from .der.crt file [via keytool]:
keytool -printcert -file $ALIAS.der.crt
echo .
echo ____ Showing information from .der.crt file [via openssl]:
openssl x509 -noout -text -in $ALIAS.der.crt -inform der
echo .
echo ____ Converting .der.crt to .pem.crt:
openssl x509 -out $ALIAS.pem.crt -outform pem -in $ALIAS.der.crt -inform der
echo .
echo ____ Exporting private key from keystore to key file [pkcs8 in PEM format]
java -jar $JKSEXPORTKEYJAR $JKS $ALIAS $JKSP > $ALIAS.pkcs8.pem.key
echo .
echo ____ Converting the private key to DER format
openssl pkcs8 -topk8 -nocrypt -in $ALIAS.pkcs8.pem.key -outform der -out $ALIAS.pkcs8.der.key
echo .
echo ____Done
ls -la
echo .
echo .
echo .