Sample code for 30+ languages & platforms
CkPython

Convert Java KeyStore to PEM

See more Java KeyStore (JKS) Examples

Loads a Java keystore file and saves the trusted certificate entries to a PEM file.

Chilkat CkPython Downloads

CkPython
import sys
import chilkat

success = False

# This requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

jks = chilkat.CkJavaKeyStore()

jksPassword = "myJksPassword"

# Load the Java keystore from a file.  The JKS file password is used
# to verify the keyed digest that is found at the very end of the keystore.
# It verifies that the keystore has not been modified.
success = jks.LoadFile(jksPassword,"/someDir/keyStore.jks")
if (success == False):
    print(jks.lastErrorText())
    sys.exit()

# Open/create the output PEM file. 
# This example uses Chilkat's file access class for writing the output file.
# You may replace the file I/O lines of code with whatever is most convenient for you.
fac = chilkat.CkFileAccess()
success = fac.OpenForWrite("/pemFiles/caCerts.pem")
if (success == False):
    print(fac.lastErrorText())
    sys.exit()

numCerts = jks.get_NumTrustedCerts()

cert = chilkat.CkCert()

# Iterate over the trusted certs, get the PEM for each,
# and append it to the output file.
i = 0
while i < numCerts :
    jks.TrustedCertAt(i,cert)

    # Get the certificate in PEM format.  
    pem = cert.exportCertPem()

    # Append the PEM string to the open file.
    success = fac.AppendText(pem,"utf-8")
    if (success != True):
        print(fac.lastErrorText())
        sys.exit()

    i = i + 1

# Close the output file.
fac.FileClose()

print("Trusted certificates saved to PEM.")