PKCS12 to DER
843811Jun 19 2001 — edited Aug 22 2003Hi,
If I have a pkcs12 encoded client certificate chain, how can I convert it so that I can use the JKS keyStoreType instead of PKCS12.
If I set the following properties for my application :
javax.net.ssl.KeyStore = .../myfile.p12
javax.net.ssl.keyStoreType = PKCS12
javax.net.ssl.keyStorePassword = mypasswrd
everything runs fine(the user is authenticated).
I have tried converting myfile.p12 to DER using openssl. First, i converted the file to PEM :
openssl pkcs12 -in myfile.p12 -out myfile.pem
Then, I converted the file to DER :
openssl x509 -in myfile.pem -inform PEM -out myfile.der -outform DER
Now, if I try creating a keystore using keytool and authenticate the client, I get a Broken pipe error. I did the following to create the keystore :
keytool -import -alias myalias -file myfile.der -keystore mykeystore
After, I changed the properties to :
javax.net.ssl.KeyStore = .../mykeystore
javax.net.ssl.keyStoreType = JKS
javax.net.ssl.keyStorePassword = mykeystorepasswrd
Does anyone know what I am doing wrong ??
Can anyone help, please ??
Note :
I am not even able to use a DER encoded certificate that was converted using IE5. The pkcs12 certificate works perfectly but after converting it to DER, I cant use the certificate to authenticate the client.