Cryptography Tutorials - Herong's Tutorial Examples - Version 5.35, by Dr. Herong Yang
Summary - Migrating "OpenSSL" Keys to "keystore"
This section describes high level steps on how to migrate a private key generated by 'OpenSSL' into a JKS (Java KeyStore) file. The key step is to merge the private key with its self-signed certificate into a PKCS#12 file.
As a summary, I want offer some notes here about migrating private keys from "OpenSSL" files to "keytool" keystore files:
There is no easy way to just migrate the private keys from "OpenSSL" key files directly to "keytool" keystore files.
"openssl pkcs12 -export" command should be used to combine the private key file and the self-signed certificate file in a PKCS#12 file.
"keytool" can use the PKCS#12 file directly with the "-storetype pkcs12" open.
"keytool -importkeystore" command should be used to convert the PKCS#12 file into a JKS (Java KeyStore) file.
Last update: 2013.
Table of Contents