Import PEM into Java Key Store
First, convert your certificate in a DER format :
openssl x509 -outform der -in certificate.pem -out certificate.der
And after, import it in the keystore :
keytool -import -alias your-alias -keystore cacerts -file certificate.der
How to import .pem together with .key to a keystore (.jks)
I've found a soulution which includes exporting the .key and .pem certs to a .p12 file, and then importing that .p12 file to a java keystore (.jks).
To export .pem and .key together to a .p12 use this command:
openssl pkcs12 -export -in <path to .pem cert> -inkey <path to .key cert> -out <desired name of the .p12 file with the extension> -name <cert alias>
Then, import the .p12 to the java keystore with this command:
keytool -importkeystore -v -srckeystore <path to .p12 file> -srcstoretype PKCS12 -destkeystore <path to .jks> -deststoretype JCEKS
import .pem file in jre using keytool [Windows 7]
Do you mean, you want to import .pem file into JRE truststore? Truststore file is located in %JAVA_HOME%\jre\lib\security\cacerts
. Default password is "changeit".
Keytool accepts .pem certificate as well, so you don't need to convert it to another format. Simply execute the following import command,
keytool -import -alias <PROVIDE_UNIQUE_CERTIFICATE_ALIAS_HERE> -file <PATH_TO_PEM_FILE> -keystore <JRE_TRUSTSTORE_FILE> -storepass <TRUSTSTORE_PASSWORD>
And also, When i execute "keytool -list" command on CMD, its giving me
exception keytool error: java.lang.Exception: Keystore file does not
exist:
You need to specify the keystore path as well as the keystore password,
keytool -list -keystore <JRE_TRUSTSTORE_FILE> -storepass <TRUSTSTORE_PASSWORD>
If you would like to know more about keytool commands, this following link could be your best buddy,
https://www.sslshopper.com/article-most-common-java-keytool-keystore-commands.html
How do I import SSL certifcate .pem file into JRE cacerts file on Mac?
I finally was able to import the certificate into my JRE cacerts file. First I had to create a new .pem file with only the certificate:
-----BEGIN CERTIFICATE-----
MIIHQzCCBiugAwIBAgIQDEtIx...
-----END CERTIFICATE-----
Then I had to copy the cacerts file into a new location, and then run the following code to import it:
keytool -import -v -trustcacerts -alias serveralias -file /Applications/certificate.pem -keystore /cacerts
After importing the certifcate I then copied the new cacerts file back into the JRE security folder, and success!
Import .pem public and private keys to JKS keystore
KeyTool expects the objects in DER format. PEM is Base64-encoded DER, with a header and a footer. KeyTool cannot parse PEM.
However, OpenSSL can convert PEM objects to DER. E.g., for an X.509 certificate, the -outform DER
command-line flag instructs OpenSSL to use DER as its output format.
This page apparently contains some more detailed explanations.
Import .key and .pem file to jks file and use in Java/Spring
Create a PKCS #12 file using OpenSSL utilities. Then you can specify this as your key store using the system properties.
openssl pkcs12 -export -in QA.test.pem -inkey QA.test.key -out test.pkcs12
This command will prompt for a password to encrypt the new PKCS #12 file. It may also prompt for the password that was used to encrypt QA.test.key
, if any.
javax.net.ssl.keyStore=test.pkcs12
javax.net.ssl.keyStorePassword=<whatever you entered when creating PKCS #12>
javax.net.ssl.keyStoreType=PKCS12
The trustStore
properties are separate; they affect how to authenticate the server. If the server uses a certificate issued by a "real" CA, the necessary certificates should be present in the Java runtime already. Otherwise, you'll have to create an additional key store, which can be done using Java's keytool
command.
Note that Java 9 will use PKCS #12 files as the default keystore type.
Related Topics
Compile Code Fully in Memory with Javax.Tools.Javacompiler
Field Required a Bean of Type That Could Not Be Found.' Error Spring Restful API Using Mongodb
How Should Equals and Hashcode Be Implemented When Using JPA and Hibernate
How to Write a Java Application That Can Update Itself at Runtime
How to Sum a List of Integers with Java Streams
How to Remove Entity with Manytomany Relationship in JPA (And Corresponding Join Table Rows)
Posting a @Onetomany Sub-Resource Association in Spring Data Rest
How to Create Table Using Ascii in a Console
Java "User.Dir" Property - What Exactly Does It Mean
Spring Boot - Inject Map from Application.Yml
Java Equivalent to C# Extension Methods
What's the Difference Between <> and <? Extends Object> in Java Generics
Subclassing a Java Builder Class
What's the Advantage of a Java Enum Versus a Class with Public Static Final Fields