I have a java key store that contains a cert and private key. I want to convert this to a .p12 file that has no password. I'm using the .p12 in a shell script.
+1
A:
I believe you can use keytool to convert from JKS to PKCS12. I would bet that you would be forced to give a password, however, for constructing the PKCS12
From there, I'd look into tools (?OpenSSL?), that will let you manipulate the PKCS12 to remove the password. Then you're in the world of 100% PKCS12, so you have more of a range of tools to choose from.
My only quandary is whether it's possible to have a PKCS12 without a password. Since this is the private key we're talking about, pretty much every standard agrees that a password is a bare minimum. The security purist would ask - "if you have to remove all protections on the private key, why use the private key at all?"
bethlakshmi
2009-12-23 21:44:21