hi, in my job i was assigned a task in which i have to programmatically load a private and public keys from files and then store them in a .jks file,the private key was generated using openssl, its an rsa des encrypted key in der format,i have no problem loading the public key, however,i haven't found a way to load the private key in its original form, the only way i found consist in decrypt the key and then convert it to a pk8 file, its there any other way to do it without decrypting the private key?
A:
OpenSSL's standard way to save keys is to use PEM format (PEM header and footer and base64-encoded DER key inside). Private key is additionally encrypted (encryption algorithm is specified in header). JKS doesn't use DER for encryption of the private key, so you can't just take the encrypted DER sequence and put it to JKS. To add the keypair to JKS you need to get both public and private key in DER format and the private key must be decrypted.
Eugene Mayevski 'EldoS Corp
2010-10-16 20:26:13