jks-js is a converter of Java Keystore to PEM certificates in order to securely connect to Java-based servers using Node.js.
npm install jks-js
...
const jks = require('jks-js');
const keystore = jks.toPem(
fs.readFileSync('keystore.jks'),
'password'
);
const { cert, key } = keystore['alias'];
after extraction you may use cert and key in your connection settings:
tls.connect('<port>', '<host>', {
key: key,
cert: cert,
});
const {
/**
* Extracts certificates from java keystore or truststore
* and decrypts private key
*
* @param keystore content of java keystore or truststore file
* @param password password for verification and decryption
* @return {
* <alias name>: {
* cert: string // compound certificates chain
* key: string // decrypted private key
* } | {
* ca: string // trusted certificate
* }
* }
*/
toPem,
/**
* Only extracts certificates
* @param keystore
* @param password
* @return { <alias name>: KeyEntry | TrustedKeyEntry }
*/
parseJks,
/**
* Decrypts private key from DER to PEM
*
* @param protectedPrivateKey DER encoded private key
* @param password password for PKCS8 decryption
* @return decoded private key
*/
decrypt
} = require('jks-js');
The implementaion is based on JavaKeystore.java logic, which is internally used for creation of java keystore, including keytool
.
It is supposed the keystore contains X.509
certificates.
But you may use the library to extract any of certificates.
The decryption constrained by alghorithms that implemented in the crypto module of Node.js.
If you find any troubles feel free to create an issue.
Copyright (c) 2020 Volodymyr Liench