keytool can't find alias

Question

I've got a pfx certificate that I need to reference by alias. The problem is that keytool can't find that alias, even though it shows on the list.

keytool -list -keystore temp.pfx -storetype pkcs12

gives me this:

...
0c5fc7cef279ca390acd2d6bac9ffcf8_ba0cbbb3-323d-4394-8e76-47838adb2a9c, 08/03/2013, PrivateKeyEntry,
...

But whenever I try to use keytool to do anything with that alias (i.e., export, rename), it gives me an error:

keytool error: java.lang.Exception: Alias <0c5fc7cef279ca390acd2d6bac9ffcf8_ba0cbbb3-323d-4394-8e76-47838adb2a9c> does not exist

Any ideas?

Answer 1

It turns out that after inspecting the output of keytool -list on vim, I found a null character at the end of the alias (which doesn't get printed to the console). Once I added that to the command that references an alias, it worked:

keytool -keyclone -changealias -v -dest "new_alias" -new newpass -keystore temp.pfx -storetype pkcs12 -alias 0c5fc7cef279ca390acd2d6bac9ffcf8_ba0cbbb3-323d-4394-8e76-47838adb2a9c$'\x00'

Where the very end is what really matters: $'\x00' stands for null character in bash. Keep in mind that this is pretty shell-dependent.