Menu
I can export a Java truststore (JKS file with only certificates, no private key), using the keytool command to a p12 file:
keytool -importkeystore -srckeystore truststore.jks -destkeystore truststore.p12 -deststoretype PKCS12
However, I can't seem to figure out how I could create the same file using the 'openssl pkcs12' command. It allows you to pass in certificates, but every option I've tried requires the user to pass in the private key.
488
PKCS#12 (P12) files define an archive file format for storing cryptographic objects as a single file. API Connect supports the P12 file format for uploading a keystore and truststore. The keystore should contain both a private and public key along with intermediate CA certificates.
openssl pkcs12 -export -nokeys -in certificate.cer -out pkcs12.pfx
112
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
