Import .pem public and private keys to JKS keystore

Question

I have public and private keys in separate .pem files that I would need to get into a JKS keystore somehow.

Tried using the -import command in KeyTool for this, which gives an "not an X.509 certificate" error.

I'm guessing the solution has to do with OpenSSL, but I'm not entirely sure what to do with it.

Would really appreciate any help with this, since I'm completely clueless with everything crypto-related.

Thanks in advance, --Rolf

Answer 1

KeyTool expects the objects in DER format. PEM is Base64-encoded DER, with a header and a footer. KeyTool cannot parse PEM.

However, OpenSSL can convert PEM objects to DER. E.g., for an X.509 certificate, the -outform DER command-line flag instructs OpenSSL to use DER as its output format.

This page apparently contains some more detailed explanations.