Home jksExportKey

jksExportKey

It is a utility for extracting Private Keys from Java Key Store. I don't know why, but this functionality does not exist in keytool, provided with the JDK.

Downloads:

1.0

 

HOW-TO for usege of the .jar file:

This is a linux shell script. The analogue .bat file for Windows will be almost the same.

java -jar <jar.file> <jks.file> <alias.in.jks> <jks.password> > <private-key.pkcs8.key>

HOW-TO for extracting all information from JKS :

#!/bin/bash
# CONFIG SECTION **************
JKS=joroKeyStore.jks
JKSP=thepassword
ALIAS=https
ALIASP=otherpassword
KEYSIZE=2048
KEYSIZE=1024
VALIDITY=1500
KEYTOOLARG=-v
SLEEP=1
JKSEXPORTKEYJAR=/path/to/jar/jksExportKey-1.0.jar

# FUNCTIONAL SECTION ****************
# You normally hane not to touch something below
# CopyRight, miteff.com, package jksExportKey, LegoMit
echo .
echo ____Old $JKS will be deleted...
sleep $SLEEP
rm $JKS

echo .
echo ____ Generating a $JKS keystore with an alias $ALIAS inside...
keytool -genkey $KEYTOOLARG -dname "CN=Georgi Mitev,OU=R&D,O=miteff.com,L=Sofia,ST=Bulgaria,C=BG" -alias $ALIAS  -keypass "$ALIASP" -keystore $JKS -storepass "$JKSP" -keyalg "RSA" -keysize $KEYSIZE -validity $VALIDITY

echo .
echo ____ Showing the information in the keystore...
keytool -list -keystore joroKeyStore.jks -storepass "$JKSP"

echo .
echo ____ Showing the information $ALIAS in the keystore...
keytool -list -v -keystore joroKeyStore.jks -alias $ALIAS -storepass "$JKSP"

echo .
echo ____ Exporting to .der.crt
keytool -export -keystore $JKS -alias $ALIAS -file $ALIAS.der.crt  -storepass "$JKSP" 

echo .
echo ____ Showing information from .der.crt file [via keytool]:
keytool -printcert -file $ALIAS.der.crt

echo .
echo ____ Showing information from .der.crt file [via openssl]:
openssl x509 -noout -text -in $ALIAS.der.crt  -inform der

echo .
echo ____ Converting .der.crt to .pem.crt:
openssl x509 -out $ALIAS.pem.crt -outform pem -in $ALIAS.der.crt  -inform der

echo .
echo ____ Exporting private key from keystore to key file [pkcs8 in PEM format]
java -jar $JKSEXPORTKEYJAR $JKS $ALIAS $JKSP > $ALIAS.pkcs8.pem.key

echo .
echo ____ Converting the private key to DER format
openssl pkcs8 -topk8 -nocrypt -in $ALIAS.pkcs8.pem.key -outform der -out $ALIAS.pkcs8.der.key

echo . echo ____Done ls -la echo . echo . echo .