Login/Register
Keytool list command shows incorrect keystore format
Asked Answered
Solved opensslkeytoolpkcs#11pkcs#12jks
M

1

8

I'm creating a keystore in the pkcs12 format using command:

> openssl pkcs12 -export -in <cert> -inkey <key> -out mycert.p12 -name <name> -caname <caname>

Once created I' checking the created keystore:

> keytool -list -keystore mycert.p12 
Enter keystore password:  

Keystore type: JKS
Keystore provider: SUN
...

It's shows the type JKS.

When I specify the type of the keystore explicitly the output seems correct:

> keytool -list -keystore mycert.p12 -storetype pkcs12
Enter keystore password:  

Keystore type: PKCS12
Keystore provider: SunJSSE

Why does keytool incorrectly show the type of the keystore when the storetype is not specified? This behaviour seems incorrect for me, the command should either fail or do not show the keystore type if the tool can't figure it out.

Mistrial answered 3/5, 2018 at 16:57 Comment(0)
H
3

You 've may used a older keytool version than shipped with Java 8u192.

There was a bug JDK-8193171 reportet with the same issue.

I had the same problem with my installed jdk 1.8.0_161 - after using (the current) version 8u201 the keystore-type was displayed correctly.

Hypnotherapy answered 26/2, 2019 at 10:30 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.