Labels

Thursday, December 29, 2011

Apache importing Certificate and Key in to a single file


Apache importing Certificate and Key in to a single file

 

Assumption: 
 
1.       You have two key files cert.pem & key.pam in your bin directory
2.       cert.pem will be your Public Key & key.perm will be your Private Key
3.       You have Apache with openssl installed or else you need to download open ssl separately and install it
                    Note: Openssl is required for converting keys in to *.der format
 
Note: If you have one domain.cer(Public Key) and domain.key(Private Key), you can simply rename the same to cert.pem and key.pem respectively.
 


 
Convert key and certificate to DER with openssl
 
1.      Change directory to your Apache\bin
·         Example: D:\Apache2.2\bin 
2.       Place cert.pem and key.pem in Apache\bin directory
 
3.       Open Command Prompt window (CMD.EXE) and change directory to Apache\bin
4.      Run following two commands
·         openssl pkcs8 -topk8 -nocrypt -in key.pem -inform PEM -out key.der -outform DER
·         openssl x509 -in cert.pem -inform PEM -out cert.der -outform DER
 
Now you will have cert.der (Public Key) and key.der (Private Key) in Apache\bin folder.
 



 
Combining Certificate and Key in to a single file
 
For this first we will need to get in to “Java\bin” or “JDK\bin” folder
·         Example:  “D:\java” or “D:\jdk1.6.0_25_OLD\bin” which ever is applicable
·         You will be able to see one “keytool.exe” inside it

“”Now download ImportKey.class file from below link, which is required for combining public and private key in to a single certificate””

Download location for ImportKey.class file
http://www.agentbob.info/agentbob/81/version/default/part/AttachmentData/data/ImportKey.class

Note: You should place “ImportKey.class” file inside “Java\bin” or “JDK\bin” folder

  1. Open command Promprt (CMD.EXE)
  2. Chang Directory to “Java\bin” or “JDK\bin”
3.      Run command:  java ImportKey key.der cert.der
 
Result will be as shown below
Using keystore-file : C:\Users\username\keystore.ImportKey
One certificate, no chain.
Key and certificate stored.
Alias:importkey  Password:importkey
 
Now you will be able to see one “keystore.ImportKey” file in your Home Directory
·         Example C:\Users\Sarath\
·         Example C:\Documents and Settings\Sarath\   etc….
 
***Congratulations you are done, now start using the file for making your URL more secure and trusted***
 

 
Optional Configuration:
 
Changing Keystore Password:
keytool - storepasswd -new newpassword -keystore keystore.ImportKey
 
Replace newpassword with the password you need to keep
 
Reference: 
http://docs.oracle.com/javase/1.4.2/docs/tooldocs/solaris/keytool.html
 


 
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)