PKI Tutorials - Herong's Tutorial Examples

∟Digital Signature - OpenOffice.org 3

∟Converting KeyStore Files to PKCS12 Files

This section provides a tutorial example on how to convert a KeyStore file to a PKCS12 file, because Windows 'Internet Options' can import keys and certificates from PKCS12, but not from KeyStore file.

Let's assume that Amy has a private-public key pair and a certificate from me. She wants to add a digital signature on OpenOffice.org 3 document.

According to the OpenOffice.org 3 help text, Amy needs to import her private-public key pair and certificate using "Internet Option".

But there is problem. "Internet Option" can not import private-public key pair from KeyStore files. But it can import PKCS12 files.

So Amy needs to convert her KeyStore file to a PKCS12 file using the JDK "keytool" command:

amy> \local\jdk\bin\keytool.exe -importkeystore -srckeystore amy.jks
   -srcstoretype jks -srcstorepass AmyJKS -srcalias amy@xyz.com
   -destkeystore amy.p12 -deststoretype pkcs12 -deststorepass AmyP12
   -destkeypass AmyP12

amy> \local\jdk\bin\keytool.exe -list -keystore amy.p12
   -storepass AmyP12 -storetype pkcs12

Keystore type: PKCS12
Keystore provider: SunJSSE

Your keystore contains 1 entry

amy@xyz.com, Mar 6, 2011, PrivateKeyEntry,
Certificate fingerprint (MD5): 00:5D:79:5A:47:76:C7:1A:53:3C:30:90...

Done. Amy now has her private-public key pair in a PKCS 12 file now. By the way her certificate is also included in that single PrivateKeyEntry.

Table of Contents

 About This Book

 Introduction of PKI (Public Key Infrastructure)

 Introduction of HTTPS (Hypertext Transfer Protocol Secure)

 Using HTTPS with Google Chrome

 Using HTTPS with Mozilla Firefox

 HTTPS with Microsoft Edge

 Using HTTPS with Apple Safari

 HTTPS with IE (Internet Explorer)

 Android and Server Certificate

 iPhone and Server Certificate

 Windows Certificate Stores and Console

 RDP (Remote Desktop Protocol) and Server Certificate

 macOS Certificate Stores and Keychain Access

 Perl Scripts Communicating with HTTPS Servers

 PHP Scripts Communicating with HTTPS Servers

 Java Programs Communicating with HTTPS Servers

 .NET Programs Communicating with HTTPS Servers

 CAcert.org - Root CA Offering Free Certificates

 PKI CA Administration - Issuing Certificates

 Comodo Free Personal Certificate

 Digital Signature - Microsoft Word

►Digital Signature - OpenOffice.org 3

 OpenOffice.org 3 - Applying Digital Signatures

►Converting KeyStore Files to PKCS12 Files

 Importing Private-Public Key Pair with Internet Options

 Viewing a Certificate with a Private Key

 Importing CA Certificates into the Trusted Store

 Signing OpenOffice.org 3 Document Failed

 Generating CSR for a Personal Certificate

 Getting Personal Certificate Signed by CAcert.org

 Storing Personal Certificate with Its Keys

 Installing Personal Certificate with Internet Options

 Signing OpenOffice.org 3 Document Worked

 S/MIME and Email Security

 PKI (Public Key Infrastructure) Terminology

 Archived Tutorials

 References

 Full Version in PDF/EPUB

Converting KeyStore Files to PKCS12 Files - Updated in 2022, by Herong Yang