When your team is porting game to another engine / technology, it will always encounter some difficulty. One of them is certification. As you can guess, not all game engines / applications use the same certificate format. For example, Unity Game Engine use *.keystore format, but Defold Engine require *.PK8 and *.PEM. How to extract it from the *.keystore file?

Before we start we need to get the tools below:
(a) OpenSSL’s homepage and OpenSSL

(b) KeyStore Explorer

Once you’ve installed everything correctly, we can go through the format conversion.


STEP 1: Inport UNITY KEYSTORE in KeyStore Explorer

In KeyStore Explorer, you can easily import Unity Keystore. When importing, just enter the password you signed the key.


The imported key will appear in the list. With the right mouse button you can export it to PCKS12. You will be prompted again to enter the password for which you have signed the key.

STEP 3: Open Terminal

Next, using openssl we will convert the keys. You will need to have OpenSSL installed. It works on either Windows, Mac OS X or Linux.

STEP 4: Convert PKCS12 to PEM

openssl pkcs12 -in path.p12 -passin pass:password -out certificatename.pem

  • The -in option specifies file to read the key
  • The -passin option specifies password protecting the source
  • The -out option specifies file to save the result. The default output format is PEM.

STEP 5: Convert PEM to PKCS8

openSSL pkcs8 -in certificatename.pem -topk8 -nocrypt -out certificatename.pk8


You can export the key as PKCS#8 directly from KeyStore Explorer: Right click on the key entry, select “Export Private Key”, confirm PKCS#8 format and in the dialog with the export options uncheck “Encrypt” and make sure that “PEM” is checked. That’s it.

Excellently! We managed to get the keys that we can sign our application. If you have any questions, feel free to ask.

Best regards,
University of Games Team

Show Comments