Cryptography Tutorials - Herong's Tutorial Examples

∟Migrating Keys from "OpenSSL" Key Files to "keystore"

∟What Is PKCS#12?

This section describes what is PKCS#12 - One of the PKCS (Public Key Cryptography Standards) used to store a private key and its self-signed certificate together as a single file.

PKCS#12 is one of the PKCS (Public Key Cryptography Standards) devised and published by RSA Security. PKCS#12 is designed as the Personal Information Exchange Syntax Standard.

PKCS#12 can be used in the same way as JKS (Java KeyStore) to store a private key and its self-signed certificate together in a single file. In fact, the Java SE "keytool" supports two keystore types: "jks" and "pkcs12".

When you use "OpenSSL" to generate private keys and certificates, they are stored as individual separate files. But "OpenSSL" does offer the "openssl pkcs12" command to merge private keys and certificates into a PKCS#12 file.

The "openssl pkcs12" command is very important if you want exchange private keys and certificates between "keytool" and "OpenSSL". Read other sections to see my tutorial notes on this.

Visit PKCS Website as http://www.rsa.com/rsalabs/node.asp?id=2124to read more about PKCS#12.

Table of Contents

 About This Book

 Cryptography Terminology

 Cryptography Basic Concepts

 Introduction to AES (Advanced Encryption Standard)

 Introduction to DES Algorithm

 DES Algorithm - Illustrated with Java Programs

 DES Algorithm Java Implementation

 DES Algorithm - Java Implementation in JDK JCE

 DES Encryption Operation Modes

 DES in Stream Cipher Modes

 PHP Implementation of DES - mcrypt

 Blowfish - 8-Byte Block Cipher

 Secret Key Generation and Management

 Cipher - Secret Key Encryption and Decryption

 Introduction of RSA Algorithm

 RSA Implementation using java.math.BigInteger Class

 Introduction of DSA (Digital Signature Algorithm)

 Java Default Implementation of DSA

 Private key and Public Key Pair Generation

 PKCS#8/X.509 Private/Public Encoding Standards

 Cipher - Public Key Encryption and Decryption

 MD5 Mesasge Digest Algorithm

 SHA1 Mesasge Digest Algorithm

 OpenSSL Introduction and Installation

 OpenSSL Generating and Managing RSA Keys

 OpenSSL Managing Certificates

 OpenSSL Generating and Signing CSR

 OpenSSL Validating Certificate Path

 "keytool" and "keystore" from JDK

 "OpenSSL" Signing CSR Generated by "keytool"

 Migrating Keys from "keystore" to "OpenSSL" Key Files

 Certificate X.509 Standard and DER/PEM Formats

►Migrating Keys from "OpenSSL" Key Files to "keystore"

 What Is PKCS#8?

►What Is PKCS#12?

 "openssl genrsa" Generating Private Key

 "openssl pkcs8" Converting Keys to PKCS#8 Format

 "openssl pkcs12" Merging Key with Certificate

 "keytool -list" Verifying PKCS#12 Files

 "keytool -importkeystore" Importing PKCS#12 Files

 Summary - Migrating "OpenSSL" Keys to "keystore"

 Summary - Migrating "keystore" Keys to "OpenSSL"

 Using Certificates in IE

 Using Certificates in Google Chrome

 Using Certificates in Firefox

 Archived Tutorials

 References

 Full Version in PDF/EPUB

What Is PKCS#12? - Updated in 2023, by Herong Yang