Importing or exporting private keys from and to Java keystores has always been a somewhat tedious task involving hand-written utility classes because keytool couldn’t cope. However, a little known fact about Java 6 is that keytool has finally been extended to provide this functionality. The key argument is -importkeystore – which can also be used for exporting (as in importing a key into an empty store).
To import a key, simply do something like this:
keytool -importkeystore -srckeystore test.pfx -srcstoretype pkcs12 -srcalias “my-key” \
-destkeystore keystore.jks -destalias “new-key” -destkeypass changeit -deststorepass changeit
Exporting is just about the same, just specify a non-existing keystore as the destination store:
keytool -importkeystore -srckeystore keystore.jks -srcalias “new-key” \
-destkeystore cert.pfx -deststoretype pkcs12