PKI Tutorials - Herong's Tutorial Examples - v2.32, by Herong Yang
Converting KeyStore Files to PKCS12 Files
This section provides a tutorial example on how to convert a KeyStore file to a PKCS12 file, because Windows 'Internet Options' can import keys and certificates from PKCS12, but not from KeyStore file.
Let's assume that Amy has a private-public key pair and a certificate from me. She wants to add a digital signature on OpenOffice.org 3 document.
According to the OpenOffice.org 3 help text, Amy needs to import her private-public key pair and certificate using "Internet Option".
But there is problem. "Internet Option" can not import private-public key pair from KeyStore files. But it can import PKCS12 files.
So Amy needs to convert her KeyStore file to a PKCS12 file using the JDK "keytool" command:
amy> \local\jdk\bin\keytool.exe -importkeystore -srckeystore amy.jks -srcstoretype jks -srcstorepass AmyJKS -srcalias amy@xyz.com -destkeystore amy.p12 -deststoretype pkcs12 -deststorepass AmyP12 -destkeypass AmyP12 amy> \local\jdk\bin\keytool.exe -list -keystore amy.p12 -storepass AmyP12 -storetype pkcs12 Keystore type: PKCS12 Keystore provider: SunJSSE Your keystore contains 1 entry amy@xyz.com, Mar 6, 2011, PrivateKeyEntry, Certificate fingerprint (MD5): 00:5D:79:5A:47:76:C7:1A:53:3C:30:90...
Done. Amy now has her private-public key pair in a PKCS 12 file now. By the way her certificate is also included in that single PrivateKeyEntry.
Table of Contents
Introduction of PKI (Public Key Infrastructure)
Introduction of HTTPS (Hypertext Transfer Protocol Secure)
Using HTTPS with Google Chrome
Using HTTPS with Mozilla Firefox
HTTPS with IE (Internet Explorer)
Android and Server Certificate
Windows Certificate Stores and Console
RDP (Remote Desktop Protocol) and Server Certificate
macOS Certificate Stores and Keychain Access
Perl Scripts Communicating with HTTPS Servers
PHP Scripts Communicating with HTTPS Servers
Java Programs Communicating with HTTPS Servers
.NET Programs Communicating with HTTPS Servers
CAcert.org - Root CA Offering Free Certificates
PKI CA Administration - Issuing Certificates
Comodo Free Personal Certificate
Digital Signature - Microsoft Word
►Digital Signature - OpenOffice.org 3
OpenOffice.org 3 - Applying Digital Signatures
►Converting KeyStore Files to PKCS12 Files
Importing Private-Public Key Pair with Internet Options
Viewing a Certificate with a Private Key
Importing CA Certificates into the Trusted Store
Signing OpenOffice.org 3 Document Failed
Generating CSR for a Personal Certificate
Getting Personal Certificate Signed by CAcert.org
Storing Personal Certificate with Its Keys
Installing Personal Certificate with Internet Options
Signing OpenOffice.org 3 Document Worked