stackoom
  简体   繁体   中英

import encrypted private key to jks

 原文  2015-02-05 10:53:03       encryption/ import/ key/ private/ jks

Question

I need use ssl(2 way handshake) socket for connection in my project. So for creating keys, i used openssl with this comands :

for server : 

req -x509 -days 3650 -nodes -newkey rsa:2048 -keyout a_private.key -out a_certificate.cert

rsa -in a_private.key -des3 -out a_private_des.key

rsa -in a_private_des.key -pubout -out a_pub.key

for client : 

req -x509 -days 3650 -nodes -newkey rsa:2048 -keyout b_private.key -out b_certificate.cert

rsa -in b_private.key -des3 -out b_private_des.key

rsa -in b_private_des.key -pubout -out b_pub.key

for import to jks file i used keytool: 

keytool -import -alias a_private -file a_private_des.key -keystore a.jks

keytool error: java.lang.Exception: Input not an X.509 certificate

after that, I made der file with this command : 

pkcs8 -topk8 -in a_private_des.key -out a_private_des.der -outform DER

and retry to import key to jks file: 

keytool -import -alias a_private -file a_private_des.der -keystore a.jks

keytool error: java.lang.Exception: Input not an X.509 certificate

and I get same exception with b_pub.key

how can I import encrypted private key and public key in jks file ?

tanx alot.

2 answers

solution1
 0  2015-02-06 12:33:49

I believe the -import option only let's you import certificates, not keys. Looking at this post it seems you may have to write some kind of workaround.

solution2
 0  2019-05-27 05:58:55

To import a key pair (key and cert) into a java keystore, you first need to create a p12 file. Whilst the question is "import encrypted private key to jks", I don't actually believe the key in question is encrypted as the "nodes" option is used.

So to import a key, and cert into a JKS use: 

# create p12
openssl pkcs12 -export \
  -name a_private \
  -out a_private.p12 \
  -inkey a_private.key \
  -in a_certificate.cert \
  -passin "pass:changeit" \
  -passout "pass:changeit"

# create jks
keytool -v -importkeystore -deststoretype pkcs12 -destkeystore \
  "a.jks" \
  -srckeystore "a_private.p12" -srcstoretype pkcs12 \
  -alias "a_private" -srcstorepass "changeit" \
  -deststorepass "changeit" -destkeypass "changeit"

Actually change the password "changeit" as well.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Import encrypted session key Read a Private Encrypted Key in Java Java load encrypted private key How to use encrypted RSA private key with PyCrypto? how to export a private key encrypted in a .pem file How to encrypted data with RSA private key in php? How is a private key encrypted in a pem certificate? How to decrypt an encrypted message with RSA private key Bouncycastle encrypted private key PEM output: RSA PRIVATE KEY vs PRIVATE KEY Import private rsa key fail
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM