-
Notifications
You must be signed in to change notification settings - Fork 3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
"Error: Cannot recover key" when keystore and private key passwords are different #8
Comments
Hi @jbestie ! Well, probably to solve the issue, here should be another password: https://github.com/lenchv/jks-js/blob/master/lib/index.js#L55 I'll try to make changes and release as soon as possible and let you know. |
@lenchv thanks a lot for your reply! Meanwhile I've realized that my issue can be solved via parseJks with a few lines of code instead of single one (it was unclear a bit from documentation that this function provides everything I need but thanks to source code - I've figured out how to deal with) : // read the JKS
const keystoreData = jks.parseJks( fs.readFileSync('keystore/server.keystore'), 'changeit1');
// decrypt private key you need
keystoreData.forEach( entry => {
console.log(jks.decrypt(entry.protectedPrivateKey, 'changeit2'));
const payload = entry.chain[0].value; // dummy retrieving the certificate data
.... magic to reformat data into suitable base64
}) So I believe this issue can be closed. |
Hello, I faced with the same problem. |
Hi @elesinn! Yeahh, I didn't fix it, I thought as long as issue closed it is resolved. But as it is common issue, I reopened the issue and I'm going to fix it later. For now, use proposed solution |
Ok, @lenchv thanks for the quick answer and very helpful library |
When I try to read the cert/private key from JKS which has different passwords for keystore and private key via
I receive the "Error: Cannot recover key"-error.
As far as I understand it's because of toPem-function uses the keystore password to decode a private key and doesn't provide a possibility to specify private key password if it's different.
Is there any possibility to work with such keystore via jks-js without changes in source code and selling the soul to Devil?
Thanks in advance!
The text was updated successfully, but these errors were encountered: