load error

[hply]

raise BadKeystoreFormatException('Not a JKS or JCEKS keystore'
jks.util.BadKeystoreFormatException: Not a JKS or JCEKS keystore (magic number wrong; expected FEEDFEED or CECECECE);
when i use keytool，print this:

Keystore type: PKCS12
Keystore provider: SUN

Your keystore contains 1 entry

Alias name: abc
Creation date: 2021年2月28日
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: ......
Issuer: ......
Serial number: ......
Valid from: Sun Feb 28 18:14:51 CST 2021 until: Mon Feb 16 18:14:51 CST 2071
Certificate fingerprints:
SHA1: ......
SHA256: ......
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions:

#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [...]
how can i use pyjks lib for type PKCS12,thanks

[waghcwb]

For BKS you can use jks.bks.BksKeyStore.load

[hply]

For BKS you can use jks.bks.BksKeyStore.load

not 'BKS'，is 'PKCS12'

[fenchu]

This is because pyjks do not support pkcs12 keystores. although they are now default: This is how I print them in *.pem format:

from OpenSSL import crypto

# this is a p12 cert
pw = "verysecretpassword"
keystore = 'java-keystore\\kafka.test-hso.keystore.jks'
p12 = crypto.load_pkcs12(open(keystore, 'rb').read(), pw.encode())

# PEM formatted private key key.pem
print(f"{crypto.dump_privatekey(crypto.FILETYPE_PEM, p12.get_privatekey()).decode()}")

# PEM formatted certificate cert.pem
print(f"{crypto.dump_certificate(crypto.FILETYPE_PEM, p12.get_certificate()).decode()}")