Skip to content

Instantly share code, notes, and snippets.

@wgzhao

wgzhao/extract_from_jks.sh

Created December 12, 2018 00:28
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save wgzhao/1e128c435f1479831c9e7760f9559bec to your computer and use it in GitHub Desktop.
Save wgzhao/1e128c435f1479831c9e7760f9559bec to your computer and use it in GitHub Desktop.
Download ZIP
Extract private and public key from Java KeyStore file (JKS)
Raw
extract_from_jks.sh
JKS=mykeystore
JKS_PASS=changeit
JKS_ALIAS=tomcat
OUTPASS=$(cat /dev/urandom |env LC_CTYPE=C tr -dc 'a-zA-Z0-9' | fold -w 8 |head -n1)
PK12_KEY=mykeystore.pk12
PEM=server.pem
KEY=server.key
keytool -importkeystore -srckeystore $JKS -destkeystore $PK12_KEY -srcstoretype JKS -deststoretype PKCS12 -srcstorepass $JKS_PASS -deststorepass $OUTPASS -srcalias $JKS_ALIAS -destalias $JKS_ALIAS -srckeypass $JKS_PASS -destkeypass $OUTPASS -noprompt
#generate password-less pem file
openssl pkcs12 -in $PK12_KEY -passin pass:$OUTPASS -passout pass:$OUTPASS |openssl rsa -passin pass:$OUTPASS -pubout -out $PEM
#generate password-less private-key file
openssl pkcs12 -in $PK12_KEY -passin pass:$OUTPASS -passout pass:$OUTPASS |openssl rsa -passin pass:$OUTPASS -out $KEY
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment