Submit a ticketCall us

Have You Auto Renewed? If not, you're missing out.
The SolarWinds Renewal Program comes with a host of benefits including the most recent product updates, 24/7 technical support, virtual instructor-led training and more. Experience all of this with the convenience of Auto Renewal, and never worry about missing any of these great benefits. Learn More.

Home > Success Center > Web Help Desk (WHD) > Web Help Desk Administrator Guide > Configure and manage authentication > Create a PKCS#12 Keystore from a Private Key and a Certificate

Create a PKCS#12 Keystore from a Private Key and a Certificate

Table of contents
No headers
Created by Steve.Hawkins, last modified by Anthony.Rinaldi_ret on Jul 19, 2016

Views: 47 Votes: 0 Revisions: 4

OpenSSL provides the pkcs12 command for generating PKCS#12 files from a private key and a certificate. OpenSSL is open source and can be downloaded from the OpenSSL site at openssl.org. The private key and certificate must be in Privacy Enhanced Mail (PEM) format (for example, base64-encoded with ----BEGIN CERTIFICATE---- and ----END CERTIFICATE---- headers and footers).

Use this OpenSSL command to create a PKCS#12 file from your private key and certificate:

openssl pkcs12 -export \
-in <signed_cert_filename> \
-inkey <private_key_filename> \
-name 'tomcat' \
-out keystore.p12

If you have a chain of certificates, combine the certificates into a single file and use it for the input file, as shown below. The order of certificates must be from server certificate to the CA root certificate. See RFC 2246 section 7.4.2 for details on this order.

cat <signed_cert_filename> \
<intermediate.cert> [<intermediate2.cert>] 
... \
> cert-chain.txt

    
openssl pkcs12 -export \
-in cert-chain.txt \
-inkey <private_key_filename> \
-name 'tomcat' \
-out keystore.p12

You are prompted to provide a password for the new keystore, which you will need to provide when importing the keystore into the Web Help Desk Java keystore.

 
Last modified

Tags

Classifications

Public