Prerequisite: "*.crt", "*.key" from CA, assume the file names are "cert.crt" and "cert.key"
Steps to be performed in Windows desktop:
Steps to be performed in Windows desktop:
- Rename "cert.crt" to "cert.cer" in Windows
- Double click "cert.cer" and "Ceritificate" popup window should be displayed
- Click "Certification Path" tab
- Double click intermediate certification, eg. "GeoTrust RSA CA 2018", another "Certificate" popup window should be displayed
- Click "Details" tab
- Click "Copy to File..." button and save the content as "intermediate.cer"
- Click "Certification Path" tab again"
- Double click root certification, eg. "DigiCert", another "Certificate" popup window should be displayed
- Click "Details" tab
- Click "Copy to File..." button and save the content as "root.cer"
- Concatenate "intermediate.cer" and "root.cer" into "allca.cer", eg. with command "cat intermediate.cer root.cer > allca.cer"
- Execute command "openssl pkcs12 -export -in cert.crt -inkey cert.key -out cert.p12 -name {aliasname} -CAfile allca.cer -caname root -chain"
- Append "$JAVA_HOME/bin" to "PATH" of cygwin, eg. "export PATH=$PATH:$JAVA_HOME/bin"
- Execute command "keytool -importkeystore -deststorepass {password} -destkeystore cert.jks -srckeystore cert.p12 -srcstoretype PKCS12 -srcstorepass {password} -alias {aliasname}"
To verify, use command "keytool -list -v -keystore cert.jks -storepass {password}".
No comments:
Post a Comment