Generate Jks File From Crt And Key Using Keytool
Steps to generate self-signed PKCS#12 SSL certificate and export its keys:
Download your new certificate; save it as mydomain.crt. Use the same alias as the private key so it associates them together. The alias here must match the alias of the private key in the first command. Keytool -import -trustcacerts -alias mydomain -file mydomain.crt -keystore KeyStore.jks. F5 load balancers generate.crt and.key files, which has to be converted to a.jks keystore to configure it with Weblogic Server. Here.crt is the signed certificate from a CA and.key contains the private key. These are in PEM format. Step 1: Copy the crt contents to a notepad and save this file. Keytool is a tool used by Java systems to configure and manipulate Keystores. The following are a list of commands that allow you to generate a new Java keystore file, create a CSR, import certificates, convert, and check keystores.
1- Create PKCS#12 keystore (.p12 or .pfx file)
myKeystore.p12
= keystore filename. It can with .pfx extension as well.MY_PASSWORD
= password used for the keystore and the private key as well.CN
= commonName, it will be shown as certiciate name in certificates list.OU
= organizationUnit, department name for example.O
= organizationName, the company name.L
= localityName, the city.S
= stateName, the state.C
= country, the 2-letter code of the country.
Note: This step can be done using openssl but it's more complicated.
2- Create the public certificate (has the header -----BEGIN CERTIFICATE-----
):
Using keytool
: Windows 7 home premium key generator win 7.
Or using openssl
:
Keytool Create Jks Keystore
Note: Import public-certificate.pem into browsers to trust it. Add it to 'Trusted Root Certification Authorities' certificate store.
3- Export the private key (has the header -----BEGIN PRIVATE KEY-----
):
Keytool Jks Command
4- Export the public key from the private key (has the header -----BEGIN PUBLIC KEY-----
):