What is Java keytool?
The Java keytool is a command-line utility used to manage keystores in different formats containing keys and certificates. You can use the java keytool to import a keystore into another keystore. In many respects, the java keytool is a competing utility with openssl for keystore, key, and certificate management. This article will demonstrate how to with keytool import keystore.
Use cases to import a keystore into another keystore.
If you want to consolidate keystores or add a newly generated keystore to an existing keystore, this command will do that for you. This command will also allow you to add a subset of keystore entries and not the entire keystore if desired. Use -srcalias for this functionality. You may also want to convert or import a different store type into another keystore, such as a .JKS into a .P12.
What keytool command do I use to import a keystore into another keystore?
Use this command to import a keystore into another keystore using the java keytool. The result will be an updated keystore with all entries including keys and certificates from the other keystore.
keytool -importkeystore \-srckeystore example2.p12 \
-destkeystore example.p12 \
-srcstoretype PKCS12 \-deststoretype PKCS12 \
-srcstorepass changeit \
-deststorepass changeit \
-v
Java keytool options:
-srckeystore
– The filename of the keystore to be imported from.
-destkeystore
– The filename of the keystore to be imported to.
-srcstorepass
– The current keystore password of the source keystore. We recommend leaving this option off and letting keytool prompt you instead of writing your password in plain text here.
-deststorepass
– The current keystore password of the destination keystore. We recommend leaving this option off and letting keytool prompt you instead of writing your password in plain text here.
-srcstoretype
– Recommended keystore types include PKCS12 and JKS. In this case, the keystore was of type PKCS12.
-deststoretype
– Recommended keystore types include PKCS12 and JKS. In this case, the keystore was of type PKCS12.
-v
– Verbose output.

Conclusion – Keytool importkeystore
This article has demonstrated how to use the Java keytool importkeystore command. Leave us a comment with any questions or additional examples you would like to see.
Read another post on how to import a certificate into a keystore.
Leave a Reply