Forum Discussion

James_Lin_10565's avatar
James_Lin_10565
Icon for Nimbostratus rankNimbostratus
Feb 22, 2006

How to extract both public and private key from Java keystore into Big-IP?

We have a keypaire generated by Sun Java keytool utility

 

Now we need to extract it and put in Big-IP..

 

I try to use keytool -export -rfc to extract the key

 

But it can not accepted by Big-IP to load as privary key

 

It can be loaded as public key..

 

How could I extract both public/private key from keystore and load it to F5?

 

 

Any help will be appreciate!
application delivery
dev
devops
iRules
  • Tony__Parker_56's avatar
    Tony__Parker_56
    Icon for Nimbostratus rankNimbostratus
    Feb 22, 2006
    Here's a link to a site that has the OpenSSL to Keytool (and vice-versa) procedures that you may find quite helpful:

     

     

    http://mark.foster.cc/kb/openssl-keytool.html

     

     

    I would strongly suggest that you perform the openssl conversion parts on a separate unix (or linux) machine with openssl installed, then move the public and private keys to the F5.

     

     

    Hope this helps...
  • Sush___89150's avatar
    Sush___89150
    Icon for Nimbostratus rankNimbostratus
    Dec 05, 2009
    I am able to generate a keystore

     

    Now I want to extract the publickey and privatekey from the keystore
  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Dec 07, 2009
    As Tony suggested, you should be able to use keytool to export the cert and key from the java store. LTM requires PEM formatted certs and keys. Here are a few related links:

     

     

    Migrating Keys from 'keytool' to 'OpenSSL'

     

    http://www.herongyang.com/crypto/Migrating_Keys_keytool_to_OpenSSL_2.html

     

     

    And another option:

     

     

    http://conshell.net/wiki/index.php/Keytool_to_OpenSSL_Conversion_tips

     

     

    Aaron