Convert or import SSL certificate to java keystore
Question
I have a SSL certificate I'm trying to import in a Java keystore in order to switch some old application to SSL. I am unfamiliar with everything Java. I have the .crt, .key and .ca bundle files but not clue what formats they're in.
com.cabundle:
-----BEGIN CERTIFICATE-----
MIIEkjC....
com.crt:
-----BEGIN CERTIFICATE-----
MIIGDjCCBPag...
com.key:
-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBg.....
I've tried following this guide: https://docs.oracle.com/cd/E35976_01/server.740/es_admin/src/tadm_ssl_convert_pem_to_jks.html but I get all sorts of garbage errors I can't make anything out of. I just don't get it.
My java configuration file needs this:
# SSL configuration (disabled by default)
# ssl-enabled=true|false
# ssl-key-store=
# ssl-key-store-password=
# ssl-key-store-type=jks
How can I do this?
1 answers
solution1
2 ACCPTED 2018-07-16 13:35:34
These are PEM format certificates. Before they can be imported, you must merge them into a PKCS12 format cert
openssl pkcs12 -export -in com.crt -inkey com.key -out temp.p12 -name com -CAfile com.cabundle -caname root -chain
Ensure you assign a password - keytool won't import passwordless PKCS12 files
keytool -importkeystore -deststorepass [your-password-here] -destkeypass [your-password-here] -destkeystore out.jks -srckeystore temp.p12 -srcstoretype PKCS12 -srcstorepass password-created-in-last-step -alias whatever
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.