- DOMAIN CERT
- CA INTERMEDIATE
- CA ROOT
- server-cert.crt (This file is the one that you got from CA after you had send your certificate request).
- verisign-intermediate-cert.crt (This you should get it from this location http://www.verisign.com/support/install2/intermediate.html assuming your CA is verisign).
- verisign-ca-cert.crt (This you should get it from this location (http://www.verisign.com/support/roots.html assuming your CA is verisign). Make sure you get the right CA. This depends upon the certificate you got so check with verisign for this.
- server-key.pem (This is the key file generated while creating the certificate request)
- cat server-cert.crt verisign-intermediate-cert.crt verisign-ca-cert.crt > server-cert.txt This will concat all the files to one file.
- now use openssl to change the format openssl pkcs12 -export -inkey server-key.pem -in server-cert.txt -out server-cert.pkcs12
Step 2) Download IBM keyman utility and install the software (This is really cool tool that is very handy in managing the keystore)
Location : http://www.alphaworks.ibm.com/tech/keyman/download
Step 3) Creating the keystore using keyman.
- Start keyman tool and click “create new” and select “Keystore token” option.
- Click ‘File->Import’ and choose local resource and then select the “server-cert.pkcs12” file that we just created through openssl. You should see three certificates listed.
- Now its time to create the keystore. Click “File->Save” option and enter the keystore pass (“changeit”) and then the keystore name (“myfirstkeystore”) and you got the keystore. That’s it.
Note: The keystore is in JKS format not PKCS12 format.
Good Luck!!
