load error

[hply]

raise BadKeystoreFormatException('Not a JKS or JCEKS keystore' jks.util.BadKeystoreFormatException: Not a JKS or JCEKS keystore (magic number wrong; expected FEEDFEED or CECECECE); when i use keytool，print this:

Keystore type: PKCS12 Keystore provider: SUN

Your keystore contains 1 entry

Alias name: abc Creation date: 2021年2月28日 Entry type: PrivateKeyEntry Certificate chain length: 1 Certificate[1]: Owner: ...... Issuer: ...... Serial number: ...... Valid from: Sun Feb 28 18:14:51 CST 2021 until: Mon Feb 16 18:14:51 CST 2071 Certificate fingerprints: SHA1: ...... SHA256: ...... Signature algorithm name: SHA256withRSA Subject Public Key Algorithm: 2048-bit RSA key Version: 3

Extensions:

#1: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [...] how can i use pyjks lib for type PKCS12,thanks

[waghcwb]

For BKS you can use jks.bks.BksKeyStore.load

[hply]

For BKS you can use jks.bks.BksKeyStore.load

not 'BKS'，is 'PKCS12'

[fenchu]

This is because pyjks do not support pkcs12 keystores. although they are now default: This is how I print them in *.pem format:

from OpenSSL import crypto

# this is a p12 cert
pw = "verysecretpassword"
keystore = 'java-keystore\\kafka.test-hso.keystore.jks'
p12 = crypto.load_pkcs12(open(keystore, 'rb').read(), pw.encode())

# PEM formatted private key key.pem
print(f"{crypto.dump_privatekey(crypto.FILETYPE_PEM, p12.get_privatekey()).decode()}")

# PEM formatted certificate cert.pem
print(f"{crypto.dump_certificate(crypto.FILETYPE_PEM, p12.get_certificate()).decode()}")