1

I have an issue while converting .jks to .p12

bash-4.1$ keytool -importkeystore -srckeystore adorbcert.jks -srcstoretype JKS -deststoretype PKCS12 -destkeystore adorbcert.p12
Enter destination keystore password:
Enter source keystore password:
Problem importing entry for alias adorbcerts: java.security.KeyStoreException: TrustedCertEntry not supported.

and I am using java

java version "1.7.0_91"
Java(TM) SE Runtime Environment (build 1.7.0_91-b15)
Java HotSpot(TM) 64-Bit Server VM (build 24.91-b03, mixed mode)
VladoDemcak
  • 4,893
  • 4
  • 35
  • 42
Sid
  • 11
  • 2
  • You may need `-trustcacerts`, but I'm not sure. – Powerlord Oct 19 '16 at 19:19
  • Possible duplicate of [Converting .jks to p12](http://stackoverflow.com/questions/2846828/converting-jks-to-p12) – Mick Mnemonic Oct 19 '16 at 19:51
  • It is not really a duplicate because he already knows the syntax of how to convert a JKS keystore to PKCS12. The problem here is that until Java 8 this only worked with keyEntry and privateKeyEntry. – dudel Oct 19 '16 at 19:53
  • OK, a better duplicate would be [this question](http://stackoverflow.com/questions/27160189/creating-pkcs12-using-java-api-failes-due-to-error-java-security-keystoreexcept). Why are you creating a .p12 file without a private key? If it's just the certificate you're converting, a .cer file is the normal format to use. – Mick Mnemonic Oct 19 '16 at 20:04

1 Answers1

2

It is not possible with keytool from Java 7 or earlier, but it is with Java 8.

Also the keystore type only needs to be specified if it is not JKS.

dudel
  • 684
  • 5
  • 15