0

Instead of using keytool in cmd or openssl, I want to convert a jks file to a p12 file in Java.

My code so far is this: 

KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());

char[] password = "lol".toCharArray();
ks.load(null, password);

FileOutputStream fos = new FileOutputStream("C:\\Users\\Antonio\\Desktop\\jkstest\\test.jks");
ks.store(fos, password);
fos.close();

Thats how I create a jks file. But I did not find any information about how to convert it to anything. Who does know a solution? Thanks for every answer!

  • Use Java 9 or higher; the default _is_ PKCS12 in modern versions. In Java 8 (and back to 5 IIRC) use `getInstance("PKCS12")` per [the documentation](https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#KeyStore) (remembering case is ignored in JCE algorithm names). However, a keystore with nothing in it is useless in any format. – dave_thompson_085 Mar 31 '20 at 19:14
  • Its just an example. Later I will add values –  Mar 31 '20 at 19:27

1 Answers1

1

You have to enumerate aliases in the source KeyStore and do setEntry() on the target key store for each Entry that you get from the source key store.

Also, as mentioned by Dave in the comment, use explicit getInstance("PKCS12") for the target key store.

wilx
  • 17,697
  • 6
  • 59
  • 114
  • Thanks. I have to differentiate between Entries and Certificates right? Or is every value an entry? –  Apr 01 '20 at 06:59
  • See the first page, and the 'nested classes' section, of the javadoc for KeyStore at the link wilx gave. There are three classes that 'implement' Entry and TrustedCertificateEntry is one of them. – dave_thompson_085 Apr 01 '20 at 08:38