Raffaeu
Reputation: 6973
Import .pfx Certificate with Keytool is not working
Right now I am securing my installation of ElasticSearch using SSL. In the guide they mention to secure the endpoint by importing an x.509 certificate using the following keytool command:
keytool -importcert -keystore node01.jks -file cacert.pem -alias my_ca
The problem is that I have a .pfx file generated by a CA authority. If I pass the .pfx file keytool bombs saying
Input not an X.509 certificate.
How can I fix this, is there a way to convert the .pfx into a .pem certificate?
Upvotes: 1
Views: 4799
Answers (1)
Val
Reputation: 217274
You can do so easily using the following command:
openssl pkcs12 -in certificate.pfx -out certificate.cer -nodes
You can also name the output certificate certificate.pem if you wish. PEM certificates can usually have any of the following extentions: .pem, .crt, .cer, and .key
Upvotes: 1
Related Questions
- Need help converting P12 certificate into JKS
- RHEL : Certificate Import : Keystore error : Signed Fields invalid
- Trust Store vs Key Store - creating with keytool
- Keytool, retrieve the alias value as string from a JKS or from a PFX
- Adding certificate chain to p12(pfx) certificate
- Not able to import certificate in cacert
- Using BKS with keytool resulting in Failed to establish chain from reply
- How to generate trusted self signed certificate with SHA2 signing algorithm using keytool?
- keytool cannot import certifiate - failed to establish chain from reply