- Using the Java keytool program, run the following commands Export the.der file keytool -export -alias sample -file sample.der -keystore my.jks Convert the.der file to unencrypted PEM (crt file).
- Keytool -list -v -keystore keystore.jks. If you are generating this for ThinkFree Office there is one more step. Go to the System tab Https Certification. Next to KeyStore (JKS) File click Browse and select the keystore.jks file we just created.
This section explains how to create a KeyStore using the JKS format as the database format for both the private key, and the associated certificate or certificate chain. By default, as specified in the java.security file, keytool uses JKS as the format of the key and certificate databases (KeyStore and TrustStores). While we create a Java keystore, we will first create the.jks file that will initially only contain the private key using the keytool utility. 1 keytool -genkey -keystore keystore.jks -alias ssl.
While testing web services or performing any web service test using https URLs which are secure, there are chances that we could face the issue as client side authentication required. Sometimes client certificate or SSL throws javax.net.ssl.SSLHandshakeException error. This usually happens when browser or tool like Jmeter that you use for web services testing, does not find the certificate or not able to read the certificate sent from client side.
Keytool View Jks
If you are facing such kind of issues, and you need create .jks file to provide the authentication or if you are not able to convert .der or .crt or .p12 file to .jks file, please follow the steps to perform the conversion or create .jks file using keytool.exe.
- Keytool.exe comes by default with all the latest Java. Make sure java is available in your system.
- Open browser and load https URL will prompt you to install the certificate if not installed in your browser.
- Click on AddException and then Confirm Security Exception will install the certificate in the browser.
- Click on lock icon shown in the address bar.
- Click on More Information and then View Certificate.
- Click on Details tab and then click on Export button.
- Save the certificate in java bin folder with any name.
- Change the file extension with .p12 extension. Example (certificate.p12)
- Now open command prompt and navigate to java bin folder.
- keytool -importcert -alias mycert -file certificate.p12 -keystore certificate.jks -storepass password
- Once you hit enter it will ask you to answer Trust this certificate? Type yes and hit enter again.
Keytool Import Crt
Here you have generated .jks file with file name certificate.jks and the file will be located in Java bin folder.
How To Create Jks Keystore
Convert Jks To Pem Keytool
Now you have successfully converted .p12 file to jks file. The same process you can apply to change any file like .der file or .crt file to convert in .jks file. What all you have to do is to replace the .p12 file with your file and give the same name in command prompt while executing the command.