Extract a Public Cert from a Java Keystore/Truststore

Featured image for sharing metadata for article

It can be useful to pull the public certificate out of a Java keystore (maybe called a truststore in this case, as it may just store public certs).

We can pull the cert out by running the following, which will return the X509 PEM-encoded certificate:

keytool -list -alias selfsigned -rfc -keystore keystore.jks -storepass password | \
  sed -n -e '/BEGIN\ CERTIFICATE/,/END\ CERTIFICATE/ p'

Written by Jamie Tanna's profile image Jamie Tanna on , and last updated on .

Content for this article is shared under the terms of the Creative Commons Attribution Non Commercial Share Alike 4.0 International, and code is shared under the Apache License 2.0.

#blogumentation #java #keystore #certificates.

This post was filed under articles.

Interactions with this post

Interactions with this post

Below you can find the interactions that this page has had using WebMention.

Have you written a response to this post? Let me know the URL:

Do you not have a website set up with WebMention capabilities? You can use Comment Parade.