Notes by Міша

Displaying notes 1 - 2
Created by Міша on January 11, 2017 00:40:37    Last update: January 11, 2017 00:41:41
Thank you very much for these instructions. Based on these, I was able to implement a script to automate the conversion of regular certificate/key pair into a JKS. Apparently, the keytool-executable has improved since this "recipe" was written. Instead of renaming the alias later, it is now possible to specify separate source and destination aliases at the time of importing: keytool -importkeystore -srckeystore openssl_c... Also, for people doing this in order to use Tomcat with SSL, it is quite important to have the key saved inside the keystore to use the same password as the store's own: keytool -importkeystore \ -srckeystore $p1...
Created by Міша on January 11, 2017 00:33:58    Last update: January 11, 2017 00:34:56
You do not have to concatenate certificate with its key -- openssl has an option for a separate key-file: openssl pkcs12 -export -in openssl_ca3.pem -out op...