13

I want to know if there is a way to create .key file for (public and private key) using keytool , I understand that we can generate a keystore using below command

keytool -genkeypair -keysize 2048 -keyalg RSA -alias appalias -keystore D:\..\..

which has the keypair , I am also aware of java way of retrieving the keys from keystore , but is there a direct way for it using KEYTOOL

user3185729
  • 216
  • 1
  • 3
  • 10
  • 1
    Stack Overflow is a site for programming and development questions. This question appears to be off-topic because it is not about programming or development. See [What topics can I ask about here](http://stackoverflow.com/help/on-topic) in the Help Center. Perhaps [Super User](http://superuser.com/) or [Unix & Linux Stack Exchange](http://unix.stackexchange.com/) would be a better place to ask. Also see [Where do I post questions about Dev Ops?](http://meta.stackexchange.com/q/134306) – jww Mar 16 '17 at 16:00

3 Answers3

5

It's possible to extract the public keys using keytool, check this link.

Export/import commands We'll use the keytool -export command to extract the public key into a file, and then use the keytool -import command to insert it into a new keystore. Here's the command to extract the client's public key: 

keytool -export -alias clientprivate -keystore client.private -file temp.key -storepass clientpw

And here's the command to insert the client's private key into its own keystore:

keytool -import -noprompt -alias clientpublic -keystore client.public -file temp.key -storepass public

We'll also extract and store the server's public key. Here's the command to extract the key: 

keytool -export -alias serverprivate -keystore server.private -file temp.key -storepass serverpw

And here's the command to place it in its own keystore: 

keytool -import -noprompt -alias serverpublic -keystore server.public -file temp.key -storepass public
Krishnaraj
  • 2,360
  • 1
  • 32
  • 55
  • 1
    This is misleading. Your examples don't extract a "public" key or a "private" key in the strict sense of encryption. They simply extract the key identified by the alias. Indeed the two -export and -import commands are identical except for the file names and aliases. – DAB Apr 20 '21 at 17:04
1

As per the findings there is no direct way to extract the private key out of the keystore , this link How can I export my private key from a Java Keytool keystore? helped to me extract the keys , it requires OpenSSL but i think thats the only way to go.

Community
  • 1
  • 1
user3185729
  • 216
  • 1
  • 3
  • 10
0

As far as I remember puttygen can generate public and private key files. Try it and let me know if it works. Regards

http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

skywalker
  • 696
  • 2
  • 16
  • 37
  • Thanks for replying NevyanovL , puttygen can be a way to generate keys and we also have openssl that can do the job but its like i am looking for a way where it can be done using keytool only – user3185729 Sep 30 '15 at 16:10