Import a PKCS#12 File into a Java Keystore
This procedure uses the Java keytool utility to create a Java keystore from a PKCS#12 file.
Before you begin
- You need a PKCS#12 (*.p12 or *.pfx) containing your CA-signed FileXpress Gateway server certificate and private key.
- You need to know the password that protects this file.
To import a PKCS#12 file into a Java keystore
- Use the -importkeystore option to create a Java keystore (newkeystore.jks in this example). For example:
keytool -importkeystore -v -srckeystore cert_file.p12 -srcstoretype PKCS12 -destkeystore newkeystore.jks -deststoretype JCEKS
Note: The keystore type you specify for deststoretype must match the type specified for servletengine.ssl.keystoretype in the server's container.properties file. JCEKS is specified by default, and is recommended because it uses a stronger encryption for protecting the private key.
- Enter passwords when prompted using the same password for destination keystore and source keystore.
Note: If these passwords don't match, the server will not be able to use the Java keystore and the browser will not be able to launch the application.
|