Skip to content

Instantly share code, notes, and snippets.

@pjosalgado

pjosalgado/jks-to-nginx-command-list

Forked from ilguzin/gist:6606011
Last active August 8, 2020 14:10
Show Gist options
  • Star 15 You must be signed in to star a gist
  • Fork 6 You must be signed in to fork a gist
  • Save pjosalgado/d12b069498ac6c8ed0821a066d68605e to your computer and use it in GitHub Desktop.
Save pjosalgado/d12b069498ac6c8ed0821a066d68605e to your computer and use it in GitHub Desktop.
Download ZIP
How to convert Java Key Store file to pem/key for NGINX.
Raw
jks-to-nginx-command-list
1. Convert our ".jks" file to ".p12" (PKCS12 keystore format):
keytool -importkeystore -srckeystore { java-keystore.jks } -destkeystore { pkcs12-keystore.p12 } -deststoretype PKCS12
2. Extract pem (certificate) from ".p12" keystore file:
openssl pkcs12 -nokeys -in { pkcs12-keystore.p12 } -out { certificate-chain.pem }
3. Extract unencrypted key file from ".p12" keystore file:
openssl pkcs12 -nocerts -nodes -in { pkcs12-keystore.p12 } -out { unencrypted-key.key }
@likhoman
Copy link

only jdk 1.7
jdk1.8 shows an error

keytool error: java.lang.Exception: The destination pkcs12 keystore has different storepass and keypass. Please retry with -destkeypass specified.

@masifpak
Copy link

i did same. All is fine but .key file is empty. Why is that? Please guide me.

@rizz5091660
Copy link

Awesome, thanks man

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment