Cryptography Tutorials - Herong's Tutorial Examples - Version 5.35, by Dr. Herong Yang
No "keytool" Command to Export Keys
This section describes all sub-commands supported by the 'keytool' provided in JDK 1.6. There is not 'keytool' sub-command to export keys stored in 'keystore' files.
To figure out how to use "keytool" to export keys (pairs of private keys and public keys), not certificates, out of "keystore" files, I re-examined all sub-commands supported by the "keytool" tool provided in JDK 1.6.
The JDK 1.6 manual gives me the following list of sub-commands, total of 13:
keytool usage: -certreq Generating CSR from a key pair entry -changealias Renaming an entry in the keystore file -delete Deleting an entry in the keystore file -exportcert Exporting a certificate entry -genkeypair Generating a new key pair entry -genseckey Generating a secret key entry -help Displaying help information -importcert Importing a certificate into the keystore file -importkeystore Importing all entries from another keystore file -keypasswd Changing the password for an existing entry -list Display all entry names -printcert Print a certificate file -storepasswd Changing the keystore file password
This confirms that as of JDK 1.6, keys stored in the key entry in "keystore" files can not be exported into key files using the "keytool" tool.
Last update: 2013.
Table of Contents