tech jogging There are two major ways to convert PEM file into Java keystore one. The fist way is very easy because it is used a tool which is capable of direct conversion of those files. As a tool, for example, you can use KeyStore Explorer. The second way is not trivial as the first one as it requests multiple steps, but you can use a tool which is already available on your computer. The Java keytool is a command line utility supplied with a Java installation.
The sample is based on a PEM certificate including only public key. The commands are run in Red Hat Linux 7.9.
Create empty java key store
a) Create key story with dummy certificate
keytool -genkeypair -alias dummy -storepass changeit -keypass changeit -keystore my_java_keystore.jks -dname "CN=Developer, OU=Department, O=Company, L=City, ST=State, C=CA"Store and key passwords are changeit. The output file is my_java_keystore.jks.
b) Delete dummy certificate
keytool -delete -alias dummy -storepass changeit -keystore my_java_keystore.jks
c) Validate the key store
keytool -list -keystore my_java_keystore.jks -storepass changeit
Output
Keystore type: PKCS12 Keystore provider: SUN Your keystore contains 0 entriesAdd PEM certificate
a) Review the certificate included in PEM file. This is an optional step
keytool -printcert -file your_certificate.pem
Your PEM file is your_certificate.pem.
b) Add public key
keytool -import -file your_certificate.pem -alias your_alias -keystore my_java_keystore.jks -deststorepass changeit
Your PEM file with a public key is your_certificate.pem. Replace your_alias name with yours.
c) Validate the key store
keytool -list -keystore my_java_keystore.jks -storepass changeit
Output
Keystore type: PKCS12 Keystore provider: SUN Your keystore contains 1 entry your_alias, Sep 3, 2022, trustedCertEntry, Certificate fingerprint (SHA-256): 00:F2:DC:06:5C:9C:96:7A:47:C6:C6:27:EC:A9:70:F9:85:9E:74:79:3D:BE:27:FC:0F:9E:F4:1A:CC:B3:D8:5B
Resources
Comments
comments powered by Disqus