How to add SSH identity file keypair to JKS keystore

Question

One of the tasks of a Java application I am building is to connect to a remote SFTP server. In order to do that I have the certificate of the remote machine and a local iden

Answer 1

Supposing you have a private key that looks like this:

id_rsa

-----BEGIN RSA PRIVATE KEY-----
MIICWgIBAAKBgQCh3czej+KeEraesxts3xP6kx+cO/Fu8ROc/k4hSl7fO9jFZ6Lm
OsGlzsRsi8VDg9n/fh6iFng/Umgnfd4J0IiLQihSRYnvyOsqqXbIJ8mBtydqO4s+
CjZLLDRSEMx3dw6GhFOcQ7xYYOeUMNY8QFidPn2LjURfMxG9XWOrCww8rwIBJQKB
gGA+sSpjZCajV9P7yx4jxrCqgX99lnlREpSy4lj7ybUqgOQUG6t84dg1wOaYS8dH
erOXGSIbMr3d+L2JHD0v4ntcKqzJm6Nf1FE27V0hvpzZl3fNax4NI/cIXM78zBx4
lBblr5QMYnTSd5eADIcDy7TZHuScRPkPViQ2x9QPayQ9AkEA67lfOXFEJ8iTYHdu
ykvj0Xqcs/peDX5nYXCEJ2XECxgxfKYVbQPazO5ACgp1VsgFMCsd4rDSwahOAgkE
rGfgCwJBAK/KFkSqMCLga8m19uqOftTQ+GhFc0O1lchWQ0A99+b9Rcs0yAe10GCN
SbgrEmMuXEQS1emT6ZHM7KIh2P7kiG0CQQDSPYxH/TzJiWDZf0cjIRdMIT+ncJkS
9DKw2flTkh2NWsRaap1858MleowkoYs/j81Gov76nbUNlhwPpy2uhiivAkByBor8
G11+aA6QrWHkQMD4vuZReSgr62gTPt+DndE74o4i8c3bfNowyllU3asP5rhjgdbc
svheksMBYhA2ohNNAkAiKQdv08UAG77piJi09OFIEcetTiq/wy9Zeb6fmEuMFzsT
2aR6x0d43OXqAgcKFgFuzqdXgxqhP/n9/eIqXdVA
-----END RSA PRIVATE KEY-----

Do two things:

1) Create a certificate to wrap the key and expose the public key as a certificate, so that keytool understands it.

openssl x509 -signkey id_rsa -req -in example.req

2) Create a self-signed certificate from your new request.

openssl x509 -signkey id_rsa -req -in example.req -out example.cer

Then, combine the certificate and private key, and import into keytool.

cat example.cer id_rsa > example.full
keytool -import -keystore example.jks -file example.full

This will get the keys in there. Utilizing the private and public keys and interacting with the SSH/SFTP library of your choice is left as an exercise.