Import a PKCS#12 File into a Java Keystore

This procedure uses the Java keytool utility to create a Java keystore from a PKCS#12 file.

Before you begin

  • You need a PKCS#12 (*.p12 or *.pfx) containing the certificate you want to use for your Web Edition server.
  • You need to know the password that protects this file.

To import a PKCS#12 file into a Java keystore

  1. Use the importkeystore to create a Java keystore (newkeystore.jks in this example). For example:

    keytool -importkeystore -v -srckeystore cert_file.p12 -srcstoretype PKCS12 -destkeystore newkeystore.jks -deststoretype JCEKS

    Note: The keystore type you specify for deststoretype must match the type specified for servletengine.ssl.keystoretype in the server's container.properties file. JCEKS is specified by default, and is recommended because it uses a stronger encryption for protecting the private key.

  2. When prompted, enter the password of the PKCS#12 file, and use the same password for the keystore file.