Convert Certificate and Key (Private) into a keystore file

Convert Certificate and Key (Private) into a keystore file

When you have Certificate (.crt file) and Private key (.key file), which you want to convert into Keystore (.keystore file), please follow the below steps.
Basic flow: <.crt file> ➕ <.key file> ➡️ <.p12 file> ➡️ <.keystore file>

Step 1 - Convert Certificate, Key pair to PKCS#12 file

Consider you have the following Certificate, Key pair.
Certificate file name - abc_certificate.crt
Private key file name - xyz_private.key

Execute the below command with the details above to generate PKCS#12 (.p12 file).
openssl pkcs12 -export -in abc_certificate.crt -inkey xyz_private.key -out output_pkcs.p12
Output PKCS#12 file nameoutput_pkcs.p12

Step 2 - Convert PKCS#12 file to Keystore file

Once you have generated the PKCS#12 (.p12 file), execute the below command to generate the Keystore (.keystore file).
keytool -importkeystore -destkeystore final_keystore.keystore -srckeystore output_pkcs.p12 -srcstoretype pkcs12
Output Keystore file namefinal_keystore.keystore

The final output file named "final_keystore.keystore" is the keystore file which is ready to use.

Note: Please note that we have used only the file names in the above commands considering that the commands are executed from the exact location where they are. You can change it to the complete path instead of the file name, when you want to access a file in a different folder path.


      New to M365 Manager Plus?
      New to M365 Manager Plus?
        New to RecoveryManager Plus?
        New to RecoveryManager Plus?
          New to Exchange Reporter Plus?
          New to Exchange Reporter Plus?
            New to SharePoint Manager Plus?
            New to SharePoint Manager Plus?
                See all integrations
                New to ADManager Plus?
                See all integrations
                New to ADManager Plus?

                  New to ADSelfService Plus?

                  Start your free trial
                  Start your free trial

                    • Related Articles

                    • Troubleshoot SSH key based authentication failures

                      Follow the suggestions given below to troubleshoot SSH key based authentication failures Check server availability. Click here to know how to check server availability in Applications Manager Verify if you have specified the correct command prompt ...

                    • How to generate an API Signing Key?

                      You can use the following OpenSSL commands to generate the key pair in the required PEM format. If you're using Windows, you'll need to install Git Bash for Windows and run the commands with that tool. 1. Create a directory       For your ...

                    • How can I generate SSH key for public key based authentication in server monitors?

                      To monitor a Unix server via Public Key Authentication in SSH mode, you need to generate a set of RSA or DSA key pairs. To generate RSA or DSA SSH key pairs: For windows, you can use a free tool like PuTTYgen. For Linux, you can use ssh-keygen ...

                    • LDAP - Unable to find valid SSL Certificate

                      If there is an error while adding LDAP Server Monitor with the message "Unable to find valid SSL Certificate", then please try the below steps to troubleshoot the issue. When the error occurs we can find the below traces in the "stderr.txt.*" log ...

                    • How to execute ServerSSHTroubleshoot.bat or sh file ?

                      Solution: Execute the file ServerSSHTroubleshoot.bat or sh from the <AppManager_home>\bin\troubleshooting folder (<AppManager_home>\bin in older versions of Applications Manager). Via command Prompt Execute the ServerSSHTroubleshoot.bat or sh file. ...

                      Related Products