Here are the instructions on how to import a SSL certificate into the Java Keystore from a PKCS12 (pfx or p12) file.
- Create a new keystore
- Navigate to C:\Program Files\Java\jdk_xxxx\bin\ via command prompt
- Execute: keytool -genkey -alias mycertificate -keyalg RSA -keysize 2048 -keystore mykeystore
- Use password of: Use the same password/passphrase as the PKCS12 file
- What is your first and last name? (should be the dns you're going to use) [Unknown]: server.mydomain.com
What is the name of your organizational unit? [Unknown]: MyCompanysITDepartment
What is the name of your organization? [Unknown]: MyCompany
What is the name of your City or Locality? [Unknown]: CITY
What is the name of your State or Province? [Unknown]: STATE
What is the two-letter country code for this unit? [Unknown]: US
Is CN=...................................... correct? [no]: yes
Enter key password for <mycertificate>
(RETURN if same as keystore password): Hit Return/Enter
- Empty the keystore
- Execute via command prompt: keytool -delete -alias mycertificate -keystore mykeystore
- Ensure nothing is in the keystore by executing: keytool -v -list -keystore mykeystore
- Import the PKCS12 File
- Execute via command prompt: keytool -v -importkeystore -srckeystore whateverthefileis.p12 -srcstoretype PKCS12 -destkeystore mykeystore -deststoretype JKS
- Enter the PKCS12 password/passphrase for both the Source and Destination password.