GetKeyPairFromKeystore()
Extracts a key pair and certificate from a Java keystore (ACF compatible).
Requires Extension: Crypto Extension
GetKeyPairFromKeystore( keystore=string, keystorePassword=string, keypairPassword=string, keystoreAlias=string, keystoreType=string );
Returns: Struct
| Argument | Description |
|---|---|
|
keystore
string,
required
|
edit
Path to keystore file |
|
keystorePassword
string,
required
|
edit
Password for the keystore |
|
keypairPassword
string,
optional
|
edit
Password for the key entry (defaults to keystorePassword) |
|
keystoreAlias
string,
required
|
edit
Alias of the key entry |
|
keystoreType
string,
optional
|
edit
Keystore type (JKS, PKCS12). Auto-detected if omitted. |
Examples
edit// Extract a key pair and its certificate from a PKCS#12 keystore
// Arguments: keystorePath, keystorePassword, keyPassword, alias
result = GetKeyPairFromKeystore(
"/path/to/keystore.p12",
"keystorePassword",
"keyPassword",
"mykey"
);
// result is a struct with three PEM-encoded strings:
result.private; // "-----BEGIN PRIVATE KEY-----\n..."
result.public; // "-----BEGIN PUBLIC KEY-----\n..."
result.certificate; // "-----BEGIN CERTIFICATE-----\n..."
// If the key password is the same as the keystore password,
// you can pass an empty string and it will default
result = GetKeyPairFromKeystore(
"/path/to/keystore.p12",
"keystorePassword",
"", // defaults to keystorePassword
"mykey"
);
// Use the extracted keys for signing, JWT creation, etc.
token = JwtSign(
claims = { sub: "user123" },
key = result.private,
algorithm = "RS256"
);
See also
- Cryptography
- GenerateKeystore()
- KeystoreList()
- Search Issue Tracker open_in_new
- Search Lucee Test Cases open_in_new (good for further, detailed examples)