how to generates JCEKS keystore in android

StackOverflow https://stackoverflow.com/questions/22341745

Question

I use

KeyStore store = KeyStore.getInstance("JCEKS");

But is make KeyStoreException 

java.security.KeyStoreException: KeyStore JCEKS implementation not found

Reason is default security provider is bouncycastle in Android. Therefore I use

KeyStore store = KeyStore.getInstance("JCEKS", "SunJCE");

But is make NoSearchProviderException

java.security.NoSearchProviderException: SunJCE
Was it helpful?

Solution

Android does not include the SunJCE security provider and therefore JCEKS is not a supported Keystore type (neither is the older JKS format).

To create a KeyStore you can either choose the BouncyCastle Keystore

KeyStore ks = KeyStore.getInstance("BKS");

or, from Android 4.3, the new AndroidKeyStore based on OpenSSL decdicated to store app-private keys (more details here)

KeyStore ks = KeyStore.getInstance("AndroidKeyStore");

And if you have a JCEKS Keystore you will have to convert it to BKS format with keytool:

keytool -importkeystore -srcstoretype JCEKS -srckeystore my.keystore -srckeypass my_password -destprovidername BC -deststoretype BKS -destkeypass my_new_password -destkeystore my.bks
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top