SHYAM RAO
How to import PFX file into JKS using pkcs12import utility
The pkcs12import utility allows Public-Key Cryptography Standards version 12 (PKCS-12) files (referred to as PFX files) to be imported into a keystore, typically a keystore of type Java KeyStore (JKS).
If you have PKCS-12 formatted file, you would import
this key-pair (certificate/private-key pair) into your private keystore
using the pkcs12import utility. The result of
the import is that the private-key and the corresponding certificate in
the PKCS-12 file are stored as a key entry inside the keystore,
associated with some alias.
The pkcs12import utility can be found here. Unzip the downloaded pkcs12import.zip file. pkcs12import utility can be run from the command line by executing pkcs12import.sh (on Unix systems) or pkcs12import.bat (on Windows systems). Before executing this script, make sure JAVA_HOME environment variable points to your JAVA installation.
Posted at 04:28PM Jul 18, 2007 by Shyam Rao in WebServicesSecurity | Comments[1]
it's a pity it does not allow for creation of a new jks keystore -- that's the whole idea, to be able to convert pkcs12 into jks.
so one has to create an empty keystore first:
keytool -genkey -dname 'CN=1' -alias 1 -keystore new_keystore.jks -storepass 'password' -keypass 'password'
keytool -delete -keystore new_keystore.jks -alias 1 -storepass 'password'
or just use keytool from java 6 (keytool -importkeystore -srcstoretype PKCS12)
Posted by oleg morenkov on July 21, 2008 at 12:08 AM IST #