Prepare a public certificate and private key from a keystore
If you have a Java keystore that contains a private key and public certificate, extract the key and certificate from the keystore.
Steps
Connect to the
PowerProtect Data Manager console and change to the root user.
Securely copy
custom.keystore to the
/etc/ssl/certificates/custom directory.
Change to the
/etc/ssl/certificates/custom directory:
cd /etc/ssl/certificates/custom
Export the public certificate in PEM format from the keystore:
keytool -list -alias
custom -keystore
custom.keystore -storepass
custompass -rfc >
custom.pem
Replace
custom with the keystore alias that corresponds to the public certificate and
custompass with the keystore password.
Export the private key from the keystore in PKCS#12 format:
keytool -importkeystore -srckeystore
custom.keystore -srcalias
custom -srcstorepass
jkspass -destkeystore custom.p12 -deststoretype PKCS12 -storepass
pkcspass
Replace
custom with the keystore alias that corresponds to the private key. Replace
jkspass with the Java keystore password and
pkcspass with a password for the PKCS file, respectively.
Convert the private key to PEM format:
openssl pkcs12 -in custom.p12 -passin pass:pkcspass -nocerts -nodes -out customkey.rsa
openssl rsa -in customkey.rsa -out customkey.pem
Replace
pkcspass with the password for the PKCS file.
Print the contents of the certificate:
openssl x509 -text -in custom.pem
Extract the CA root certificate from the output.
Save the CA root certificate as
globalca.pem .
Data is not available for the Topic