Get privatekey from Keystore

Question

Hi,

I have the following code to export certs and keys from a keystore, that I created with keytool in windows:

final KeyStore keystore = KeyUtil.loadKeystore("keystore.jks", "pass");
UserInfo userinfo = new UserInfo(WSusername, WSpassword);
X509Certificate clientcert = KeyUtil.getCertificate(CLIENT_KEY_ALIAS, keystore);
X509Certificate servercert = KeyUtil.getCertificate(SERVER_KEY_ALIAS, keystore);
PrivateKey clientprivate = KeyUtil.getPrivateKey(CLIENT_KEY_ALIAS, CLIENT_KEY_PASSWORD, keystore);

yet it fails at the last line with "unable to retrieve private key for signing" It can retrieve the cleintcert, but when it tries clientprivate, it fails.

Answer 1

Hi, While not specifically debugging the code above you might be interested in taking a look at our keystore related code here:

http://esoeproject.org/repos/esoe/trunk/esoecrypto/src/com/qut/middleware/crypto/impl/KeystoreResolverImpl.java

Has worked well for us in all our crypto usage.

Answer 2

My problem was that when I generated the keystore with keytool, it did not create the PrivateKey as a key entry. T fix this, I imported the .p12 keystore as the private key, which worked. My original code above then worked.