How can I export my private key from a Java Keytool keystore?
Use Java keytool to convert from JKS to P12...
keytool -importkeystore \ -srckeystore keystore.jks \ -destkeystore keystore.p12 \ -deststoretype PKCS12 \ -srcalias <jkskeyalias> \ -deststorepass <password> \ -destkeypass <password>
...then use openssl to export from P12 to PEM
Export certificate using
openssl pkcs12 -in keystore.p12 -nokeys -out cert.pem
Export unencrypted private key:
openssl pkcs12 -in keystore.p12 -nodes -nocerts -out key.pem
"No DES", i.e. to not encrypt the private key that will be saved to `key.pem`.
I did as described in this answer, but somehow my exported private key is just an empty file? What gives?
Just take a look at the output of `openssl pkcs12 -in keystore.p12`, what is present in that output?