According to some resources it is not possible with standard tools.
Answer is to use the -importkeystore option of java keytool. Keytool allows conversion between the different keystore types which are currently known to your java virtual machine.
For example you can import key+certificate from PKCS12 format (extensions .p12 or .pfx in Windows world).
keytool -importkeystore -srckeystore server.p12 -srcstoretype pkcs12 -destkeystore server.jks -deststoretype jks
If you have key and certificate in PEM format you can easily convert it to pkcs12 with openssl
#Join key, certificate and certs of certification authority to one file
cat server_key.pem server_cert.pem server_cacert.pem > server.pem
#Convert to PKCS12
openssl pkcs12 -export -out server.p12 -in server.pem
Relevant links:
http://download.oracle.com/javase/1.3/docs/tooldocs/win32/keytool.html
http://www.herongyang.com/crypto/Key_Formats_PKCS8_PKCS12_4.html
http://mindprod.com/jgloss/keytoolexe.html#EXPORTING
http://www.agentbob.info/agentbob/79-AB.html
sincerely, thank you a million!
ReplyDelete