Versions Compared

Old Version 1

changes.mady.by.user Adelmo Rodriguez

Saved on

compared with

New Version Current

changes.mady.by.user Adelmo Rodriguez

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Info

Troubleshoot
If you import certificates in the wrong order, the above commands return an error message. To resolve the error, you can:

  • Consult your CA.

  • Re-arrange the order of certificates and try again.

  • Read each certificate with the following command:
    keytool -printcert -file <filename.cert.pem>
    In the output, note the Owner and Issuer (signer) of each certificate. Order your import commands so that the Issuer of each certificate matches the Owner in the previous command.

Option 2: Importing certificates into an existing Package existing PEM-format key and certificates in a new Java keystore

If you have an existing private key and certificates for your server's domain, in PEM format, importing them into a Java keystore requires the OpenSSL tool. OpenSSL can package the PEM files in a PKCS keystore. Java keytool can then convert the PKCS keystore to a Java keystore.

...

Issue the command below, after substituting your values for two variables
(The command will prompt you for keystore passwords):
<your.domain.com.p12> : The existing keystore file.
<your.domain.com> : The complete domain name of your Code42 server

Convert the resulting PKCS keystore file, <your.domain.com>.p12 into a Java keystore

Code Block
keytool -importkeystore -srckeystore <your.domain.com.p12> -srcstoretype PKCS12 -destkeystore <your.domain.com>.jks -deststoretype jks

You can also use the command above to convert a PFX keystore to a Java keystore

Source: https://support.code42.com/Administrator/6/Configuring/Install_a_CA-signed_SSL_certificate_for_HTTPS_console_access#Configure_the_keytool_command