John Riley wrote:
Hi, Just an update of my progress. I manage to create a pkcs12 keystore from my certificate and the private key with openSSL. openssl pkcs12 -export -inkey private.key -in domain.crt -out domain.pfx -name "default" I used the exported domain.pfx as keystore in the configuration and it worked! I just have one follow up question: I still haven't included the SSLCACertificateFile (ca.crt) into the keystore. And when I tried doing that with the keytool i got the following error:TrustedCertEntry not supported It seems that pkcs12 keystores can not include trusted certificates. Do I really need it to begin with? Just tell me if am approaching this all wrong :)
I know that using Keystore Explorer you can convert between the different keystore formats. Don't know if that's possible from command line.
/niklas
