Many times we need to convert our PKCS12 keystore/digital signature/digital id file to JKS files.
There are various many ways of doing it . Most blogs talk about how OpenSSL would help you do it and other go on about new tools.But its all within java keytool's capabilities.
Its actually as simple as what I quote below.
Goto your <JAVA_HOME>/jre/bin
This process will create a new jks file and call it exportfrompfx.jks
All the certificates with their aliases will be exported from MyPfx.pfx to exportfrompfx.jks
Use the following command then to verify your new keystore:
To selectively add each certificate use its alias.
Get the alias using the above mentioned list command
Use keytool to import that alias into your JKS keystore
There are various many ways of doing it . Most blogs talk about how OpenSSL would help you do it and other go on about new tools.But its all within java keytool's capabilities.
Its actually as simple as what I quote below.
Goto your <JAVA_HOME>/jre/bin
keytool -importkeystore -srckeystore MyPfx.pfx -srcstoretype pkcs12 -srcstorepass mysrcpassword -destkeystore exportfrompfx.jks -deststoretype jks -deststorepass mydestpassword
This process will create a new jks file and call it exportfrompfx.jks
All the certificates with their aliases will be exported from MyPfx.pfx to exportfrompfx.jks
Use the following command then to verify your new keystore:
keytool -list -storetype jks -keystore exportfrompfx.jks -v
To selectively add each certificate use its alias.
Get the alias using the above mentioned list command
keytool -list -storetype jks -keystore exportfrompfx.jks -v
Use keytool to import that alias into your JKS keystore
keytool -importkeystore -srckeystore MyPfx.pfx -srcstoretype pkcs12 -srcstorepass mysrcpassword -srcalias alias -destkeystore exportfrompfx.jks -deststoretype jks -deststorepass mydestpassword -destalias destalias
why do i get the following error?
ReplyDeletefileNoFound exportfrompfx.jks if this file has to be created..
This comment has been removed by the author.
ReplyDeleteHi ,
ReplyDeleteI have followed this article and i have created jks file using p12 certificate. But when am trying to invoke webservice with this jks i got below error
No Signature message in client
Can you tell me why this error came and how to invoke webservice with signature
Thanks
Govindh
Thank you foor writing this
ReplyDelete