Storing Personal Certificate with Its Keys

This section provides a tutorial example on how to merge a personal certificate with its private-public key pair in a KeyStore file, which then needs to be converted to a PKCS12 file, because most PKI applications can only import PKCS12 files.

Now I need to merge the signed certificate with the corresponding private-public key pair in the KeyStore file.

1. View my personal certificate:

herong> keytool -printcert \
   -file herong_yang_yahoo_com.pem

Owner: EMAILADDRESS=herong_yang@yahoo.com, CN=CAcert WoT User
Issuer: EMAILADDRESS=support@cacert.org, CN=CA Cert Signing Authority,
   OU=http://www.cacert.org, O=Root CA
...

Notice that CAcert.org has changed the CN field to "CAcert WoT User" and put my email address into an EMAILADDRESS field.

2. Import the CAcert.org root certificate first:

herong> keytool -importcert -keystore herong.jks \
   -storepass HerongJKS -alias cacertsigningauthority \
   -file CACertSigningAuthority.crt

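3. Import my personal certificate signed by CAcert.org so that it is merged with its private-public key pair:

herong> keytool -importcert -keystore herong.jks \
   -storepass HerongJKS -alias herong_yang@yahoo.com \
   -file herong_yang_yahoo_com.pem

The alias must be the one that already holds the private-public key pair, the same alias used as -srcalias in the next step. Only then does keytool attach the signed certificate to the key entry instead of storing it as a separate trusted certificate.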

4. Export my personal certificate with its private-public key pair:

herong> keytool -importkeystore \
   -srckeystore herong.jks -srcstoretype jks -srcstorepass HerongJKS \
   -srcalias herong_yang@yahoo.com -srckeypass HerongJKS \
   -destkeystore personal.p12 -deststoretype pkcs12 \
   -deststorepass HerongP12 -destkeypass HerongP12

Now my personal certificate with its private-public key pair is stored in a PKCS12 file, personal.p12, ready to be imported into any PKI client application.
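
A check worth running after steps 3 and 4, as an added example that is not part of the original tutorial: the function below reads `keytool -list -v` output and confirms that the alias is a PrivateKeyEntry whose chain includes the CA certificate. The two listings are constructed samples and `wrong_alias` is a hypothetical alias; if the certificate is imported under an alias other than the key pair's, keytool stores it as a separate trusted certificate and the exported PKCS12 file carries only the self-signed certificate.

```shell
#!/bin/sh
# Added example, not part of the original tutorial.
# check_entry ALIAS: reads `keytool -list -v` output on stdin and reports
# whether ALIAS holds a private key with a CA-signed chain (length >= 2).
check_entry() {
  awk -v want="$1" '
    { sub(/\r$/, "") }                       # tolerate Windows line endings
    /^Alias name: / { alias = substr($0, 13); next }
    alias == want && /^Entry type: / { type = substr($0, 13) }
    alias == want && /^Certificate chain length: / { len = substr($0, 27) + 0 }
    END {
      if (type == "") { print "MISSING"; exit 2 }
      if (type != "PrivateKeyEntry") { print "NOT_A_KEY_ENTRY (" type ")"; exit 1 }
      if (len < 2) { print "SELF_SIGNED_ONLY (chain length " len ")"; exit 1 }
      print "OK (chain length " len ")"
    }'
}

# Constructed sample: listing after a correct step 3 and step 4.
sample_merged() { cat <<'EOF'
Keystore type: PKCS12

Your keystore contains 1 entry

Alias name: herong_yang@yahoo.com
Entry type: PrivateKeyEntry
Certificate chain length: 2
Certificate[1]:
Owner: EMAILADDRESS=herong_yang@yahoo.com, CN=CAcert WoT User
EOF
}

# Constructed sample: certificate imported under a hypothetical alias
# "wrong_alias", so the key entry still carries only its self-signed cert.
sample_wrong_alias() { cat <<'EOF'
Alias name: herong_yang@yahoo.com
Entry type: PrivateKeyEntry
Certificate chain length: 1

Alias name: wrong_alias
Entry type: trustedCertEntry
EOF
}

# Real use (flags are standard keytool options):
#   keytool -list -v -keystore personal.p12 -storetype pkcs12 \
#     -storepass HerongP12 | check_entry 'herong_yang@yahoo.com'
sample_merged | check_entry 'herong_yang@yahoo.com'
sample_wrong_alias | check_entry 'herong_yang@yahoo.com' || true
```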
