Activities

March 2013
M T W T F S S
« Jan   Apr »
 123
45678910
11121314151617
18192021222324
25262728293031

Creating keystore file from Private key and Certificate file

There will some rare case you may need to generate keystore from Private Key file associated with Certificate file in PEM format. Scenario is moving a website from Apache to Java application server.

My requirement is , client gave PEM file to generate keystore file to configure SSL for Glassfish server.

Solution : Here are the two steps to adopt.

a. Convert PEM files to pkcs12.
We can create keystore file only from pkcs12 file. Here is the command to convert.

 # openssl pkcs12 -export -in server.crt -inkey server.key -certfile server.crt -name "s1as" -out keystore.p12

.

Note : Glassfish requires that Alias(s1as) name to be set. It will ask you a pass-phase while doing it. So you should set it to “changeit” for Glassfish server. Otherwise it will not work.

b. Convert pkcs12 file to keystore file.

#keytool -importkeystore -srckeystore keystore.p12 -srcstoretype pkcs12 -destkeystore keystore.jks -deststoretype JKS

keystore.p12 is the file you created from PEM file
keystore.jks is the keystore file generated for glassfish. Just replace it under the domain config folder to integrate the application.

Leave a Reply

  

  

  

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>