Extract certificates from a truststore and import them into an existing keystore (jre security cacerts)

keytool_java_import.sh

#!/bin/bash

keystore=$JAVA_HOME/lib/security/cacerts

certs=$(keytool \
  -list \
  -keystore generic-truststore.jks \
-storepass "" | grep trustedCertEntry | grep -Eo "^[^,]*")

while read -r cert
do
  printf '%s\n' "$cert"
  output_cert=$(echo "$cert" | base64).crt
  keytool -exportcert -keystore bytel-generic-truststore.jks -alias "$cert" -file $output_cert <<< ""
  keytool -import -trustcacerts  -alias "$cert" -file $output_cert -keystore $keystore -storepass "" -noprompt
done < <(echo "$certs")