Talk:Java KeyStore

You CAN get the private key by converting it to a pkcs12 file first, then extracting the private key with something like openssl. This at least works for the keytool bundled with java 1.7.

keytool -importkeystore -srckeystore keystore.jks -destkeystore keystore.p12 -srcstoretype JKS -deststoretype PKCS12 -deststorepass:file p12passfile -srcalias somecert -destalias somecert -srcstorepass:file jkspassfile (otheroptions)

openssl pkcs12 -clcerts -in keystore.p12 -password file:p12passfile -nocerts > somecert.key

Rename?
Shouldn't this be renamed to Java Keystore? — Preceding unsigned comment added by 71.15.161.208 (talk) 00:12, 6 November 2017 (UTC)


 * I agree. Done. --Franklin Yu (talk) 01:25, 2 May 2019 (UTC)

More than authorization and public key certs can be stored
KeyStore definitely allows the storage of secret keys, which are not certs at all. — Preceding unsigned comment added by 50.200.93.68 (talk) 15:08, 7 August 2014 (UTC)

JCEKS?
I’m not sure whether JCEKS (Java Cryptography Extension KeyStore) should be mentioned in this article. I can’t find official documentation for it from Oracle. Need work. --Franklin Yu (talk) 01:29, 2 May 2019 (UTC)