Mister PKI

SSL Certificates * SSL Tools * Certificate Decoder

by Leave a Comment

SSL/TLS Certificate Medium Rectangle (300 x 250)

What is Java keytool?

The Java keytool is a command-line utility used to manage keystores in different formats containing keys and certificates. You can use the java keytool to import a keystore into another keystore. In many respects, the java keytool is a competing utility with openssl for keystore, key, and certificate management. This article will demonstrate how to with keytool import keystore.

Use cases to import a keystore into another keystore.

If you want to consolidate keystores or add a newly generated keystore to an existing keystore, this command will do that for you. This command will also allow you to add a subset of keystore entries and not the entire keystore if desired. Use -srcalias for this functionality. You may also want to convert or import a different store type into another keystore, such as a .JKS into a .P12.

What keytool command do I use to import a keystore into another keystore?

Use this command to import a keystore into another keystore using the java keytool. The result will be an updated keystore with all entries including keys and certificates from the other keystore.

keytool -importkeystore \-srckeystore example2.p12 \
-destkeystore example.p12 \
-srcstoretype PKCS12 \-deststoretype PKCS12 \-srcstorepass changeit \
-deststorepass changeit \
-v

Java keytool options:

-srckeystore – The filename of the keystore to be imported from.

-destkeystore – The filename of the keystore to be imported to.

-srcstorepass – The current keystore password of the source keystore. We recommend leaving this option off and letting keytool prompt you instead of writing your password in plain text here.

-deststorepass – The current keystore password of the destination keystore. We recommend leaving this option off and letting keytool prompt you instead of writing your password in plain text here.

-srcstoretype – Recommended keystore types include PKCS12 and JKS. In this case, the keystore was of type PKCS12.

-deststoretype – Recommended keystore types include PKCS12 and JKS. In this case, the keystore was of type PKCS12.

-v – Verbose output.

import keystore
keytool -importkeystore

Conclusion – Keytool importkeystore

This article has demonstrated how to use the Java keytool importkeystore command. Leave us a comment with any questions or additional examples you would like to see.

Read another post on how to import a certificate into a keystore.

Read all of our blog content.

Reader Interactions

Leave a Reply

Your email address will not be published.