java - convert certificate from pem into jks -

July 15, 2011

i have convert certificate in pem format java key store.

to use 1 tomcat @ windows server

i've got files:

cert_request.csr

-----begin certificate request----- ... -----end certificate request-----

cert_public_key.pem

-----begin certificate----- ... -----end certificate-----

cert_private_key.pem

-----begin encrypted private key----- ... -----end encrypted private key-----

cert.txt
```
contains 16 digit key 
```

i tryed combine pem files (by combining 2 files chain together) , converted openssl

.der file , import keytool new keystore
same .p12
directly imported keystore

i tryed change

    -----begin encrypted private key-----     ...     -----end encrypted private key-----

into

    -----begin rsa private key-----     ...     -----end rsa private key-----

and tryed 3 ways above

what have working certificate?

edit:

i combinied cert_public_key.pem , cert_private_key.pem cert_comb.pem

    -----begin certificate-----     ...     -----end certificate-----     -----begin encrypted private key-----     ...     -----end encrypted private key-----

you aren't clear files combined, should work use openssl combine cert , private key pkcs#12:

cat cert_public_key.pem cert_private_key.pem | openssl pkcs12 -export -out cert.p12

if cert needs chain cert(s) -- ca should have told when submitted csr , issued cert -- it's easiest include it(them) now.

then (1) some java programs can use pkcs12 directly keystore, (2) if need or prefer jks use keytool:

keytool -importkeystore -srckeystore cert.p12 -srcstoretype pkcs12 -destkeystore cert.jks

if care alias in resulting jks, easiest fix after converting.

also: changing labels in encrypted pem doesn't unencrypt it, nor changing label generic pkcs#8 rsa change data match (and different, though little). if want separate pem file decrypted private key:

openssl pkey -in encryptedpk8 -out clearpk8.pem # 1.0.0 openssl pkcs8 -in encryptedpk8 -out clearpk8.pem # 1.0.0  openssl pkcs8 -topk8 -nocrypt -in encryptedpk8 -out clearpk8.pem # below 1.0.0 openssl rsa -in encryptedpk8 -out clearrsa.pem

Search This Blog

And

java - convert certificate from pem into jks -

Comments

Post a Comment

Popular posts from this blog

Android layout hidden on keyboard show -

google app engine - 403 Forbidden POST - Flask WTForms -

c - Why would PK11_GenerateRandom() return an error -8023? -