Tech Trek: A Software Engineer's Guide to Code and Beyond

There can be a situation where you want to extract private key from your keystore but it is not a straight forward as we think as It involves two steps i.e. ·          Extracting private key from keystore in PKCS#12 format ·          Converting it to .PEM file Step1: Extracting in PKCS format keytool -v -importkeystore -srckeystore KEYSTORE_NAME -srcalias CERTIFICATE_ALIAS -destkeystore FILE_NAME.p12 -deststoretype PKCS12 Eg: keytool -v -importkeystore -srckeystore keystore.jks -srcalias  application -destkeystore privatekey.p12 -deststoretype PKCS12 Note: If you don’t know the alias name of your certificate then you can display it: keytool -list -v -keystore keystore.jks Step2: Converting it into .PEM FILE openssl pkcs12 -in privatekey.p12 -out private.pem             

I have already discussed how to generate SSL certificate using keytool over here . In this article, I am going to explain how can you achieved the same thing using OpenSSL tool. The three differnet files that I am going to generate i.e. : waheedtechblog.key waheedtechblog.csr waheedtechblog.crt Generate Private key : waheedtechblog.key openssl genrsa -des3 -out waheedtechblog.key 1024 Generate a Certificate Signing Request (CSR) Using above generated key file, We will now create the CSR file openssl req -new -key waheedtechblog.key -out waheedtechblog.csr Generate a Self-Signed SSL Certificate openssl x509 -req -days 365 -in waheedtechblog.csr -signkey waheedtechblog.key -out waheedtechblog.crt These file can be used to enable SSL in Apache Server. Sometime, we need to remove passphrase to run key in Apache Server, if you get such issue while enabling SSL in Apache Server then run following command to remove p...