Re: [keycloak-user] import SAML keys via command line
On 09/19/2017 06:43 AM, Pieter Lukasse wrote:
Hi,
I have a .jks file which I would like to import into keycloak using the
command line instead of the "SAML keys" page (in SAML client config page).
I cannot find any command for this here http://www.keycloak.org/
docs/3.3/server_admin/topics/admin-cli.html
Is this just missing or is the documentation incomplete? Can someone help
me on this one?
You can import using the Java keytool utility, but the import format
MUST be PKCS12.
Note: replace xxx, key.pem & cert.pem with appropriate values, hopefully
it should be obvious which xxx matches in each command.
First create a .p12 PKCS12 file:
% openssl pkcs12 -export -name xxx -passout pass:xxx -in cert.pem -inkey
key.pem -out xxx.p12
Then import the .p12 PKCS12 file into the keystore:
% keytool -importkeystore -srckeystore xxx.p12 -srcstoretype PKCS12
-srcstorepass xxx -destkeystore keycloak.jks -deststorepass xxx -alias xxx
--
John