Info Olagos wrote:
Hello,
For anyone who has succesfully imported a PKCS12 certificate in a keystore :
Does this work with the java keytool tool on a linux system, i mean is it
possible to import PKCS 12 certificates on that?
It seams impossible to import with the java keytool tool on a windows vista
business system a PKCS12 certificate.
Anyone experience with it?
Regards,
Heidi
This is on CentOS 5.5 using java-1.6.0-openjdk-1.6.0.0-1.16.b17.el5
Use OpenSSL to create a PKCS#12 file from an SSL certificate (in
server.crt) and private key (in server.key):
openssl pkcs12 -export -in server.crt -inkey server.key -out
server.pkcs12 -name ofbiz
Go and find the .jks file:
cd /opt/apache-ofbiz-09.04/framework/base/config/
Back it up:
mv ofbizssl.jks ofbizssl.jks.old
Run keytool to import the PKCS12 cert & key:
keytool -importkeystore -deststorepass changeit -destkeypass changeit
-destkeystore ofbizssl.jks -srckeystore /root/server.pkcs12
-srcstoretype PKCS12 -srcstorepass changeit -alias ofbiz
Check the results:
keytool -list -v -keystore ofbizssl.jks -storepass changeit
Start OFBiz and make sure SSL works...
Note that I'm using the existing password 'changeit' as I'm too lazy to
reconfigure OFBiz to use something different.
Regards,
Richard Siddall
P.S. The keytool commands also work on Windows XP with JDK 1.6.0-21 with
the same PKCS12 file.