Steps to Import TLS Certificate, Private key from PKCS#12 to JKS Keystore
1. Copy the certificates in D:\Tetherfi\TextchatService_HK\Certificates
2. Open command prompt and run as administrator and navigate to Certificates folder and verify whether keytool is accessible or not. If not set path to keytool. Below is the command to verify the keytool.
3. Below is the command to set path
4. Once the path is set, navigate to certificates folder
5. Next is to import private key and TLS certificate to jks keystore
6. Next is to list the private key and cert from jks store
7. Next is to import trusted root and intermediate certs to keystore
Steps to import TLS certificate, private key from PKCS#12 to Windows CertMgr
1. Double click the P12 certificate, and select Local Machine from Store Location
2. The P12 file will be listed in File name column
3. Enter the PKCS#12 password provided from Market place and click Next.
4. Select option place all certificates in the following store. Click browse button.
5. When the select certificate store windows pop up, select personal.
6. Click Next and Finish.
1.To import private key and TLS Certificate to JKS keystore
Syntax: keytool -importkeystore -deststorepass <keystore password> -destkeypass <keystore password> -destkeystore <jks keystore> -srckeystore <pkcs12 file> -srcstoretype PKCS12 -srcstorepass <pkcs12 password from email>
Ex. : keytool -importkeystore -deststorepass 123456 -destkeypass 123456 -destkeystore w01saepweb1z.uat.dbs.com.jks -srckeystore w01saepweb1z.uat.dbs.com.p12 -srcstoretype PKCS12 -srcstorepass mmwiFKZFLB
2. To list the private key and cert from JKS keystore
Syntax: keytool -list -v -keystore <jks keystore>
Ex. : keytool -list -v -keystore w01saepweb1z.uat.dbs.com.jks
3.To import trusted root and intermediate certs to keystore
Syntax: keytool -import -alias DBSBank-Ent-SubCA -keystore <jks keystore> -keypass <keystore password> -trustcacerts -file ./DBSBank-Ent-SubCA.crt -storepass <keystore password> -noprompt
Ex. : keytool -import -alias DBSBank-Ent-SubCA -keystore w01saepweb1z.uat.dbs.com.jks -keypass 123456 -trustcacerts -file ./DBSBank-Ent-SubCA.crt -storepass 123456 -noprompt
Syntax: keytool -import -alias DBSBank-Root-CA -keystore <jks keystore> -keypass <keystore password> -trustcacerts -file ./DBSBank-Root-CA.crt -storepass <keystore password> -noprompt
Ex. : keytool -import -alias DBSBank-Root-CA -keystore w01saepweb1z.uat.dbs.com.jks -keypass 123456 -trustcacerts -file ./DBSBank-Root-CA.crt -storepass 123456 -noprompt
4. Import TLS Certificate, Private key from PKCS#12 to Windows CertMgr
- Copy the p12 file to Windows server
- Double click the p12 file.
- Select Local Machine from Store Location.
- The p12 file should have listed in File name column. If not, click the Browse button to look for the p12 file.
- Enter the PKCS#12 password provided from the Marketplace email. Click Next
- Select option Place all certificates in the following store, click Browse button.
- When the Select Certificate Store windows is pop up, select Personal.
- Click Next and click Finish.