Overview

ImportKey is a patched version of

http://www.agentbob.info/agentbob/80/version/default/part/AttachmentData/data/ImportKey.java

with the certificate chain import code fixed.

Requirements

• Java 1.5+

Pre-Flight Instructions

• Make sure all keys/certs are in .der format

  openssl pkcs8 -topk8 -nocrypt -in key.pem -inform PEM -out key.der -outform DER openssl x509 -in cert.pem -inform PEM -out cert.der -outform DER

• For certificate chains: cat all the certs together

  cat cert.der server-chain2.der server-chain1.der ct_root.der > certs.der

• Build ImportKey

  javac ImportKey.java

Usage

java ImportKey []

Example

java ImportKey key.der cert.der "My Alias"

Changing the Keystore password

To change the Keystore password to something else you use keytool which is supplied with Sun Java.

So to change it from importkey to mypassword you would do the following: keytool -storepasswd -v -keystore ~/keystore.ImportKey -storepass importkey -new mypassword

Also we generally want to change the keypass to the same as the storepass (it too will be set to importkey: keytool -keypasswd -v -alias "My Alias" -keystore ~/keystore.ImportKey -storepass mypassword -keypass importkey -new mypassword

Thanks

Kudos to Jochen Seifarth http://www.agentbob.info/ for creating ImportKey which works around keytool's stupid limitations.