Reputation: 2532
Convert or import SSL certificate to java keystore
I have a SSL certificate I'm trying to import in a Java keystore in order to switch some old application to SSL. I am unfamiliar with everything Java. I have the .crt, .key and .ca bundle files but not clue what formats they're in.
com.cabundle:
-----BEGIN CERTIFICATE-----
MIIEkjC....
com.crt:
-----BEGIN CERTIFICATE-----
MIIGDjCCBPag...
com.key:
-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBg.....
I've tried following this guide: https://docs.oracle.com/cd/E35976_01/server.740/es_admin/src/tadm_ssl_convert_pem_to_jks.html but I get all sorts of garbage errors I can't make anything out of. I just don't get it.
My java configuration file needs this:
# SSL configuration (disabled by default)
# ssl-enabled=true|false
# ssl-key-store=
# ssl-key-store-password=
# ssl-key-store-type=jks
How can I do this?
Upvotes: 0
Views: 3287
Answers (1)
Reputation: 96
These are PEM format certificates. Before they can be imported, you must merge them into a PKCS12 format cert
openssl pkcs12 -export -in com.crt -inkey com.key -out temp.p12 -name com -CAfile com.cabundle -caname root -chain
Ensure you assign a password - keytool won't import passwordless PKCS12 files
keytool -importkeystore -deststorepass [your-password-here] -destkeypass [your-password-here] -destkeystore out.jks -srckeystore temp.p12 -srcstoretype PKCS12 -srcstorepass password-created-in-last-step -alias whatever
Upvotes: 2
Related Questions
- Converting a Java Keystore into PEM Format
- How to import a .cer certificate into a java keystore?
- How do I import a PKCS12 certificate into a java keystore?
- Import Windows certificates to Java
- How to import a .p12 or pem certificate into a java keystore?
- Importing SSL Certificate to Java
- Importing private key to keystore
- Import key and SSL Certificate into java keystore
- Create a Java Keystore from a openssl Self-Signed certificate file
- How do I import a certificate chain and it's certificate into a java keystore?