Converting a .jks Key Store to a .pem Key Store

In order to convert a Java key store into a Privacy Enhanced Mail Certificate, you will need to use two tools :

  1. keytool.exe - to import the keystore from JKS to PKCS12 (supplied with Java)
  2. openssl.exe - to convert the PCKS12 to PEM (supplied with OpenSSL)

Neither keytool or openssl can be used to convert a jks directly into a pem. First we must use keytool to convert the JKS into PKCS: 

keytool -importkeystore -srckeystore client.jks -destkeystore client.pkcs -srcstoretype JKS 
 -deststoretype PKCS12

You will be prompted to enter passwords for the key stores when each of these programs are run. The password used for the keystores created using the generator is "nirvana". Next you need to use openssl.exe to convert the PKCS into PEM. 

openssl pkcs12 -in client.pkcs -out client.pem

Repeat the above code for the any other jks key stores. After this you will have the required key stores in pem format.

Share this page with others:
Tell Your Tweets Facebook It! Add to Delicious Reddit! Digg It! Stumble Upon Add to Your Faves Mixx it
Follow Us:
Keep up with my-Channels on Twitter Become a fan on Facebook LinkedIn Profile Recent Highlights RSS Feed