I am using a JRE 8u211. And i have few certificates added in cacerts. But when I upgrade JRE to 8u261, those certificates are not getting imported. So now i want to programmatically export the required certificates from cacerts file of 8u211 using the alias names and then import those certificates to the cacerts file of 8u261.
Is this even possible or supported?
Thanks in advance.
Certificate is just a data. You definitely can export it to the file, and import that data into some other file.
If you just want to import one truststore file's data into another, you can directly make use of buffer without storing data into an intermediary file:
keytool.exe -importkeystore -srckeystore %JAVA_HOME%\lib\security\cacerts -destkeystore \your\file\path\filename
-deststoretype jks
-srcstorepass changeit -deststorepass changeit
-v -noprompt
However, you can also do these two operations one by one:
To export the certificate:
keytool -export -alias alias_name -keystore path_to_keystore_file -rfc -file path_to_certificate_file
To import the certificate:
keytool -importcert -alias alias_name -file path_to_certificate_file -keystore truststore_file