---++ Importing a certificate into a Java keystore This document describes the steps needed to import / convert a certificate into a Java Keystore. The Keystore can be used with Tomcat, or other Java applications. ---+++ Converting the certificate to PKCS12 format Execute the following command to convert a x509 encoded certificate and private key to a PKCS12 encoded certificate: <verbatim> openssl pkcs12 -export -in <certificate.crt> -inkey <certificate.key> -out <certificate.p12> -name <cert-name> -CAfile <cacert.pem> -caname <ca-name> -chain </verbatim> Please write down the passphrase you used to encode the PKCS12 encoded certificate, you will need it in later steps. ---+++ Importing the PKCS12 certificate into a keystore Convert the PKCS12 encoded certificate into a Java keystore, by executing: <verbatim> keytool -importkeystore -srckeystore <certificate.p12> -srcstoretype PKCS12 -srcstorepass '<PKCS12 passphrase>' -alias tomcat -deststorepass '<keystore password> -destkeypass '<keystore password>' -destkeystore <keystore filename> </verbatim> ---+++ Adding the root CA into the keystore <verbatim> keytool -import -trustcacerts -alias <CA> -file <cacert.pem> -keystore <keystore filename> </verbatim> -- %USERSIG{IvoVanGeel - 13 Jun 2013}%
This topic: Main
>
WebHome
>
ImportingCertificateToJavaKeystore
Topic revision: r2 - 15 Jul 2017 - IvoVanGeel
Copyright © 2010-2019 by LANIS