Java SSL Certificate

nychris · Jan 21, 2005

I generated a CSR using OpenSSL and submitted it to Verisign to get an SSL cert for an Apache web server. I have the cert.cer file now, but the plans changed and I want to use this for Java instead. Can I convert this to a Java keystore using 'keytool -import' or some other method?

Thanks,

--
Chris
RHCE, LPIC, CNE, CCNA, MCSE (+11 others)

nychris · Feb 1, 2005

I forgot to post the resolution. I had to do this once before and found my notes from the first time. You have to take the certificate that the CA gives you and convert it to PKCS12 format and then use that file in Tomcat. You don't need to use the keytool command at all, just openssl to do the conversion. Then you edit the tomcat config file with something like the following...

Code:

openssl pkcs12 -export -inkey host-privkey.pem -in server.cert -out host.foo.org.pfx

clientAuth="false" protocol="TLS"
keystoreType="PKCS12"
keystoreFile="/root/host.foo.org.pfx"
keystorePass="mypassword"/>

--
Chris
RHCE, LPIC, CNE, CCNA, MCSE (+11 others)

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Java SSL Certificate

nychris

MIS

nychris

MIS

Similar threads

Part and Inventory Search

Sponsor