---++ Importing a certificate into a Java keystore This document describes the steps needed to import / convert a certificate into a Java Keystore. The Keystore can be used with Tomcat, or other Java applications. ---+++ Converting the certificate to PKCS12 format Execute the following command to convert a x509 encoded certificate and private key to a PKCS12 encoded certificate: <verbatim> openssl pkcs12 -export -in <certificate.crt> -inkey <certificate.key> -out <certificate.p12> -name <cert-name> -CAfile <cacert.pem> -caname <ca-name> -chain </verbatim> Please write down the passphrase you used to encode the PKCS12 encoded certificate, you will need it in later steps. ---+++ Importing the PKCS12 certificate into a keystore Convert the PKCS12 encoded certificate into a Java keystore, by executing: <verbatim> keytool -importkeystore -srckeystore <certificate.p12> -srcstoretype PKCS12 -srcstorepass '<PKCS12 passphrase>' -alias tomcat -deststorepass '<keystore password> -destkeypass '<keystore password>' -destkeystore <keystore filename> </verbatim> ---+++ Adding the root CA into the keystore <verbatim> keytool -import -trustcacerts -alias <CA> -file <cacert.pem> -keystore <keystore filename> </verbatim> -- %USERSIG{IvoVanGeel - 13 Jun 2013}%
E
dit
|
A
ttach
|
Watch
|
P
rint version
|
H
istory
: r2
<
r1
|
B
acklinks
|
V
iew topic
|
M
ore topic actions
Topic revision: r2 - 15 Jul 2017
-
IvoVanGeel
Home
Site map
LANIS web
Main web
Sandbox web
TWiki web
Main Web
Users
Groups
Index
Search
Changes
Notifications
RSS Feed
Statistics
Preferences
View
Raw View
Print version
Find backlinks
History
More topic actions
Edit
Raw edit
Attach file or image
Edit topic preference settings
Set new parent
More topic actions
Account
Log In
E
dit
A
ttach
Copyright © 2010-2019 by LANIS