How do I list / export private keys from a keystore?

轮回少年 2020-11-30 19:26

How do I list and export a private key from a keystore?

9 answers
  •  盖世英雄少女心
    2020-11-30 19:32

    A portion of code originally from Example Depot for listing all of the aliases in a key store:

        // Load input stream into keystore
        keystore.load(is, password.toCharArray());

        // List the aliases
        Enumeration<String> aliases = keystore.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();

            // Does alias refer to a key entry (private key or secret key)?
            boolean isKey = keystore.isKeyEntry(alias);

            // Does alias refer to a trusted certificate?
            boolean isCert = keystore.isCertificateEntry(alias);
        }
    

    The exporting of private keys came up on the Sun forums a couple of months ago, and u:turingcompleter came up with a DumpPrivateKey class to stitch into your app.

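        import java.io.FileInputStream;
        import java.security.Key;
        import java.security.KeyStore;
        import sun.misc.BASE64Encoder;

        public class DumpPrivateKey {
            /**
             * Provides the missing functionality of keytool
             * that Apache needs for SSLCertificateKeyFile.
             *
             * @param args
             *   [0] Keystore filename.
             *   [1] Keystore password.
             *   [2] alias
             */
            static public void main(String[] args) throws Exception {
                if (args.length < 3) {
                    throw new IllegalArgumentException("expected args: Keystore filename, Keystore password, alias");
                }
                // The key password is assumed to be the same as the keystore password.
                char[] password = args[1].toCharArray();
                KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
                try (FileInputStream in = new FileInputStream(args[0])) {
                    ks.load(in, password);
                }
                Key key = ks.getKey(args[2], password);
                String b64 = new BASE64Encoder().encode(key.getEncoded());
                System.out.println("-----BEGIN PRIVATE KEY-----");
                System.out.println(b64);
                System.out.println("-----END PRIVATE KEY-----");
            }
        }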

    Note: this uses a Sun package, which is a "bad thing".
    If you can download Apache commons code, here is a version which will compile without warning:

        javac -classpath .:commons-codec-1.4/commons-codec-1.4.jar DumpPrivateKey.java
    

    and will give the same result:

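        import java.io.FileInputStream;
        import java.security.Key;
        import java.security.KeyStore;
        //import sun.misc.BASE64Encoder;
        import org.apache.commons.codec.binary.Base64;

        public class DumpPrivateKey {
            /**
             * Provides the missing functionality of keytool
             * that Apache needs for SSLCertificateKeyFile.
             *
             * @param args
             *   [0] Keystore filename.
             *   [1] Keystore password.
             *   [2] alias
             */
            static public void main(String[] args) throws Exception {
                if (args.length < 3) {
                    throw new IllegalArgumentException("expected args: Keystore filename, Keystore password, alias");
                }
                // The key password is assumed to be the same as the keystore password.
                char[] password = args[1].toCharArray();
                KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
                try (FileInputStream in = new FileInputStream(args[0])) {
                    ks.load(in, password);
                }
                Key key = ks.getKey(args[2], password);
                String b64 = new String(Base64.encodeBase64(key.getEncoded(), true), "US-ASCII").trim(); // chunked
                System.out.println("-----BEGIN PRIVATE KEY-----");
                System.out.println(b64);
                System.out.println("-----END PRIVATE KEY-----");
            }
        }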

    You can use it like so:

        java -classpath .:commons-codec-1.4/commons-codec-1.4.jar DumpPrivateKey $HOME/.keystore changeit tomcat
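
On Java 8 and later, `java.util.Base64` covers both the listing and the export without `sun.misc.BASE64Encoder` or commons-codec. The following is an added example, not code from the answer above: the class name `ExportPrivateKey`, its argument order and the owner-only output file are choices made for this example, and it assumes a POSIX file system.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.*;
import java.nio.file.attribute.PosixFilePermissions;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.util.Base64;
import java.util.Collections;

// Added example (hypothetical class name and argument order, not the answer's code).
// Usage: java ExportPrivateKey <keystore> <store password> [<alias> <out.pem> [<key password>]]
public class ExportPrivateKey {
    public static void main(String[] args) throws Exception {
        if (args.length < 2 || args.length == 3) {
            throw new IllegalArgumentException("expected: keystore, store password, [alias, out.pem, [key password]]");
        }
        char[] storePass = args[1].toCharArray();
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(args[0])) {
            ks.load(in, storePass);
        }
        if (args.length == 2) { // list mode: print every alias with its entry type
            for (String alias : Collections.list(ks.aliases())) {
                String kind = ks.isCertificateEntry(alias) ? "trusted certificate"
                        : ks.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class) ? "private key"
                        : "secret key";
                System.out.println(alias + "\t" + kind);
            }
            return;
        }
        char[] keyPass = args.length > 4 ? args[4].toCharArray() : storePass;
        Key key = ks.getKey(args[2], keyPass); // null if the alias is absent or not a key entry
        if (!(key instanceof PrivateKey) || key.getEncoded() == null) {
            throw new IllegalStateException("no exportable private key under alias " + args[2]);
        }
        // getEncoded() is PKCS#8 DER; wrap it as PEM with 64-character lines.
        String pem = "-----BEGIN PRIVATE KEY-----\n"
                + Base64.getMimeEncoder(64, new byte[] {'\n'}).encodeToString(key.getEncoded())
                + "\n-----END PRIVATE KEY-----\n";
        // The PEM is unencrypted: create the file owner-only and refuse to overwrite an existing one.
        Path out = Paths.get(args[3]);
        Files.createFile(out, PosixFilePermissions.asFileAttribute(PosixFilePermissions.fromString("rw-------")));
        Files.write(out, pem.getBytes(StandardCharsets.US_ASCII));
        System.err.println("wrote " + out);
    }
}
```

As with `DumpPrivateKey`, passwords given as arguments are visible in the process list and shell history, and the exported PEM is not encrypted.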
    
