[lug] Migrating x509 public/private keypair to java jks

Andrew Diederich andrewdied at gmail.com
Mon Apr 10 17:12:11 MDT 2006


On 4/10/06, Garett Shulman <shulmang at colorado.edu> wrote:

> It should be possible to import cert.pem into a keystore. I usually use
> do something like:
> keytool -import -trustcacerts -keystore
> $JAVA_HOME/jre/lib/security/cacerts -alias mycert -file path_to/cert.pem
>
> What does the cert look like if you open it in an editor?
> -----BEGIN CERTIFICATE-----
> FSfwofidFWefiowdf90...
> -----END CERTIFICATE-----

That's half of it.  I can import a public certificate to the keystore
as long as the private key is already there.  I can't figure out how
to get an existing private key into a keystore.  So, the certificate I
have looks like what you have, and I also have a private key that
looks like:
-----BEGIN RSA PRIVATE KEY-----
MIIEqzCCApOgAwIBAg...
-----END RSA PRIVATE KEY-----

--
Andrew Diederich



More information about the LUG mailing list