JavaKeystoreCert
Concerting PEM to PKCS12 (pfx)
This REALLY sucks - someone obtained a x509 certificate with the sole intention to use it on IBM HTTPServer, which is a total disaster. God knows how IBM transformed the trouble-free Apache into this monster. My advice, even if you're stuck with WebSphere, use the real Apache as the front-end web server.openssl pkcs12 -export -in x509_cert_file -name cert_alias -inkey private_key -certfile ca_cert -caname ca_name -out pkcs12_file.p12
If you need to transform PEM formatted certificate into DER encoding, so it can be read by the fucked up IBM Key Manager
openssl -in pem_cert -out der_cert -inform pem -outform der
Matching private key and certificate
Match the modulusopenssl rsa -noout -in server.key -modulus openssl x509 -noout -in server.crt -modulus
Verify CA
openssl verify -CAfile ca_file certificate_file
There are no comments on this page. [Add comment]