Convert Certificate and Key (Private) into a keystore file

Convert Certificate and Key (Private) into a keystore file

When you have Certificate (.crt file) and Private key (.key file), which you want to convert into Keystore (.keystore file), please follow the below steps.
Basic flow: <.crt file> ➕ <.key file> ➡️ <.p12 file> ➡️ <.keystore file>

Step 1 - Convert Certificate, Key pair to PKCS#12 file

Consider you have the following Certificate, Key pair.
Certificate file name - abc_certificate.crt
Private key file name - xyz_private.key

Execute the below command with the details above to generate PKCS#12 (.p12 file).
openssl pkcs12 -export -in abc_certificate.crt -inkey xyz_private.key -out output_pkcs.p12
Output PKCS#12 file nameoutput_pkcs.p12

Step 2 - Convert PKCS#12 file to Keystore file

Once you have generated the PKCS#12 (.p12 file), execute the below command to generate the Keystore (.keystore file).
keytool -importkeystore -destkeystore final_keystore.keystore -srckeystore output_pkcs.p12 -srcstoretype pkcs12
Output Keystore file namefinal_keystore.keystore

The final output file named "final_keystore.keystore" is the keystore file which is ready to use.

Note: Please note that we have used only the file names in the above commands considering that the commands are executed from the exact location where they are. You can change it to the complete path instead of the file name, when you want to access a file in a different folder path.

                    New to ADSelfService Plus?

                      • Related Articles

                      • Troubleshoot SSH key based authentication failures

                        Follow the suggestions given below to troubleshoot SSH key based authentication failures Check server availability. Click here to know how to check server availability in Applications Manager Verify if you have specified the correct command prompt ...
                      • LDAP - Unable to find valid SSL Certificate

                        If there is an error while adding LDAP Server Monitor with the message "Unable to find valid SSL Certificate", then please try the below steps to troubleshoot the issue. When the error occurs we can find the below traces in the "stderr.txt.*" log ...
                      • How to generate an API Signing Key?

                        You can use the following OpenSSL commands to generate the key pair in the required PEM format. If you're using Windows, you'll need to install Git Bash for Windows and run the commands with that tool. 1. Create a directory       For your ...
                      • How can I generate SSH key for public key based authentication in server monitors?

                        To monitor a Unix server via Public Key Authentication in SSH mode, you need to generate a set of RSA or DSA key pairs. To generate RSA or DSA SSH key pairs: For windows, you can use a free tool like PuTTYgen. For Linux, you can use ssh-keygen ...
                      • Convert Professional edition to Enterprise edition

                        Install an "Admin Server" with the same build number as that of your professional edition. (You can find the build number in Settings -> Tools -> Support -> Build number)  Archive link: http://archives.manageengine.com/applications_manager/ After ...