Hi Konstantin, Goo Sam and Mark, Thank you for responding so quickly to my post. Your articles were helpful but it didn't show me the exact procedure as how to chain certificates etc. (or I misread them)
I managed to do it using this really cool tool "KeyStore Explorer 4.0" from http://www.lazgosoftware.com/kse/index.html It has a really nice interface and really easy to use. I managed to create a Java keystore file (.jks) by importing the CA root certificate, the CA intermediate certificate and the Key pair from the .PFX file. I'll post a detailed "how to guide" tomorrow. I'm going to get some sleep now. Thanks once again. Cheers, Ian ________________________________ From: Goo Sam Kong <[email protected]> To: Tomcat Users List <[email protected]> Sent: Thu, 24 June, 2010 6:44:57 AM Subject: Re: Convert a certificate from IIS (.PFX) into a (.keystore) for Apache Tomcat v 6.x Hi Ian, Take a look on this http://tp.its.yale.edu/pipermail/cas/2005-July/001337.html. Hope it helps. On 24 June 2010 06:41, Konstantin Kolinko <[email protected]> wrote: > 2010/6/24 Mark Eggers <[email protected]>: > > Google is your friend? > > > > > http://www.cb1inc.com/2007/04/30/converting-pfx-certificates-to-java-keystores/ > > > > Please note that I have not tried this. Your mileage may vary. > > > > Noticing the "PKCS #12" hint form the above page, > I can find this Sun article: > > http://java.sun.com/developer/technicalArticles/J2SE/security/#4 > "Import and Export PKCS#12 Keystores" > > > how to chain the CA's intermediate certificates > > It looks that the method described in the Sun article imports the > whole keystore, and from description of the format it looks that the > one from Jetty also does so. > > Disclaimer: I have not tried them. > > Best regards, > Konstantin Kolinko > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
