I created a .p12 keystore using openssl from a pkcs8 keystore. Now I'm trying to import the private key using java Keytool into a new JKS keystore. I tried the command:
keytool -importkeystore -srckeystore newKS.p12 -srcstoretype pkcs12 -srcstorepass pass -destkeystore exportedJks.jks -deststoretype jks -deststorepass pass
But I get the following error message:
keytool error: java.security.UnrecoverableKeyException: Get Key failed: EC KeyFactory not available
How can I resolve this error so I can import this key into a new JKS keystore?
The error message means that the Java runtime could not find a crypto provider for ECC (elliptic curve cryptography) algorithms.
Java 6 contains only basic support for ECC: It knows the OIDs of most EC algorithms and therefore knows that it must find an "EC KeyFactory". However, by default no provider is installed that can handle these algorithms.
The SunEC provider with full ECC support was added in Java 7, so the easiest solution for this problem is to use keytool from a Java 7 or 8 runtime.