Monday, May 2, 2016

How to extract Private key from keystore ?

There can be a situation where you want to extract private key from your keystore but it is not a straight forward as we think as It involves two steps i.e.
·         Extracting private key from keystore in PKCS#12 format
·         Converting it to .PEM file

Step1: Extracting in PKCS format
keytool -v -importkeystore -srckeystore KEYSTORE_NAME -srcalias CERTIFICATE_ALIAS -destkeystore FILE_NAME.p12 -deststoretype PKCS12
Eg: keytool -v -importkeystore -srckeystore keystore.jks -srcalias  application -destkeystore privatekey.p12 -deststoretype PKCS12

Note: If you don’t know the alias name of your certificate then you can display it:
keytool -list -v -keystore keystore.jks
Step2: Converting it into .PEM FILE
openssl pkcs12 -in privatekey.p12 -out private.pem