Creating a .jks from a .crt and .key file, is that possible
I requested a SSL certificate from an authority.
First, I created a .csr and a .key file on my computer and saved those. I sent the .csr and got back a .crt file and other files that I installed on my server.
All works fine for my Apache server with an SSL connection. However, I would like to be able to use the same certificate for a Tomcat server that I also have running on the system on a different port (Using JIRA). The setup needs a .jks file. Is it possible to generate that from the files that I have?
This seems like it might work, but I don't have that utility in my CLASSPATH or cannot find it.
Answer
You can use openssl and keytool
openssl pkcs12 -export -out domainname.pfx -inkey domainname.key -in domainname.crt -password pass:mypassword
keytool -importkeystore -srckeystore domainname.pfx -srcstoretype pkcs12 -srcalias 1 -srcstorepass mypassword -destkeystore domainname.jks -deststoretype jks -deststorepass mypassword -destalias myalias
Where
- domainname.crt is the crt input file
- domainname.key is the key input file
- domainname.pfx is the pkcs12 intermediate file
- domainname.jks is the jks output file
- mypassword is the password of the pkcs12 and the jks files
- myalias is the alias of the certificate in the jks file