![keystore explorer openjdk keystore explorer openjdk](https://coffee0127.github.io/blog/2018/11/03/PKIX-path-building-failed/export-root-ca-step2.jpg)
![keystore explorer openjdk keystore explorer openjdk](http://www.edownload.cz/sw/images/product-key-explorer_1.jpg)
I'm pretty sure you can convert the key file to PEM with: openssl pkey -in key -inform der -out key.pem -engine dstu # or maybe pem$i or whatever names you find convenient You can definitely convert certificate file from binary/DER to PEM with: openssl x509 -in cert$i -inform der -out cert$i.pem -engine dstu I suggest you proceed with OpenSSL here since that's what you want to end up with anyway. It appears Bounc圜astle does - but bcprov doesn't do JKS. (FYI Stack only does one per comment - fortunately I saw this in recently-modified.)įrom that we can now see your privatekey has attributes in the PKCS8 (a legal but very rarely used feature) which on rechecking I see standard JCE does not support (there's a comment in decode but not in parseKey). Keytool error: : excess private keyĪt the same time, however, the key can be listed: $ keytool -list -keystore my_key.jksĬertificate fingerprint (SHA1): A1:B2:C3:D4:E5:F6:85:E4:2B:03:B9:68:FD:AE:9D:5B:24:CF:BF:FF ParsedContent = jksreader.parse(contents) The program I wrote looks like this: const fs = require('fs') In particular, I use jksreader npm package, which only exists for several days now! To do this I wrote a small nodejs program inspired by signerbox2 an open-source project that uses. jks file and extract key and certs from it.