Wednesday, August 28, 2013

Import an existing Private Key (.key file) into a JKS store

Sounds easy but it's not. I have an existing .key (private key) and .crt file (certificate for public key) and I want to import them into a JKS.

The only way seems to go through an intermediate pkcs12 store, to be imported later in the JKS. So much fuss for a simple operation which should be natively supported.

In fact, puppet JAVA_JKS module does this:

openssl pkcs12 -export -passout stdin -in /home/soa/jkstest/source/ -inkey /home/soa/jkstest/source/ -name

when you ask him to import .crt and .key into a keystore:

    java_ks { "${nesoa2env}" :
        ensure       => latest,
        certificate  => "${certsFolder}",
        private_key  => "${certsFolder}", 
        target       => "${targetJKS}",
        password     => "${identityPassword}",
        trustcacerts => false,

No comments: