I have a .pk8 file and I want to convert it into .key file format,so that I can move them into a pkcs12 store and then later to java keystore using keytool.
Please suggest possible solutions??
Use the OpenSSL command line tool to convert your PKCS#8 file to a plain private key first:
openssl pkcs8 -in file.pk8 -out key.pem
If that gives you an error it's probably because the key is in DER format, try this then:
openssl pkcs8 -in file.pk8 -inform DER -out key.pem
Gather the certificates you want to be in your PKCS#12 key store and make sure they are PEM-encoded (open them in a text editor - if the file starts with '----- BEGIN X.509 CERTIFICATE -----' or similar then you're already good to go):
openssl x509 -in single_cert.cer -inform DER -out single_cert.pem
Open a text editor and paste all the PEM-encoded certificates plus the contents of key.pem in that file, one after the other to get a file like this:
----- BEGIN RSA PRIVATEKEY ----- '' or another format, depends on your key
...contents of your key file
----- END RSA PRIVATEKEY -----
----- BEGIN X.509 CERTIFICATE -----
...contents of certificate 1
----- END X.509 CERTIFICATE -----
----- BEGIN X.509 CERTIFICATE -----
...contents of certificate 2
----- END X.509 CERTIFICATE -----
...
Save this, e.g. as all.pem. To finally create your PKCS#12 key store, issue this command:
openssl pkcs12 -export -in all.pem -out file.p12 -name "somename"
Provide a password and your done. The name
parameter is going to be your "alias" in the Java world.
Following this guide worked for me. Specifically using keytool-iui to import the private key.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With