Dealing with a Java keystore when keytool is not enough

It seems odd but the keytool program for handling a Java keystore is missing two rather obvious abilites.
One missing ability is that keytool is unable to import a private key and the corresponding certificate to create a Java keystore from scratch.
Another is to provide a way to extract a private key from the Java keystore.

All you need is wget, a java compiler, OpenSSL and some spare time. was written by Joachim Karrer and Jens Carlberg was written by Alexey Zilber was written by Christian d’Heureuse, Inventec Informatik AG, Switzerland

  1. How to create a fresh Java keystore with a private key and a corresponding certificate
        $ openssl pkcs8 -topk8 -nocrypt -outform der -in somename.key.decrypted -out somename_pkcs8_key.der
        $ openssl x509 -inform PEM -outform DER -in somename.crt -out somename_certificate.der
        $ wget
        $ javac
        $ java ImportKey somename_pkcs8_key.der somename_certificate.der

    This will create a keystore somewhere (for me, on a Windows machine, the location was: C:\Documents and Settings\snowy\keystore.ImportKey ).

  2. How to extract a private key from the Java keystore
        $ keytool -export -alias mykey -keystore mystorage.jks -file exported-der.crt
        $ openssl x509 -out exported-pem.crt -outform pem -in exported-der.crt -inform der
        $ wget
        $ wget 
        $ mv
        $ javac
        $ java ExportPriv mystorage.jks mykey changeit > exported-pkcs8.key