0 Replies Latest reply: Mar 20, 2013 1:48 AM by 805373 RSS

    Export certificate from MAC KeyChain access and create keystore,truststore

    805373
      Thanks in advance , Can any one explain how to export a certificate from MAC KeyChain access and create keystore , truststore.

      I tried the following steps but it failed.

      - TLS certificate has been created in Apple keychain access .
      - Then i exported the certificate and public key from keychain access as Certificate.p12 and Key.p12 with corresponding password.

      And followed the below steps to generate keystore , truststore.

      - convert the private key file from PKCS#12 format to PEM format:
           $ openssl pkcs12 -in Key.p12 -out Key.pem
      - when prompt type the related password (P1):
           Enter Import Password:
           MAC verified OK
      - choose a password for the new file (Key.pem)
           Enter PEM pass phrase:
           Verifying - Enter PEM pass phrase:

      - convert the certificate file from PKCS#12 format to PEM format:
           $ openssl pkcs12 -in Certificate.p12 -out Certificate.pem
      - when prompt type the related password (P2):
           Enter Import Password:
           MAC verified OK
      - choose a password for the new file (Certificate.pem)
           Enter PEM pass phrase:
           Verifying - Enter PEM pass phrase:


      openssl pkcs8 -topk8 -nocrypt -in Key.pem -inform PEM -out Key.der -outform DER
      openssl x509 -in Certificate.pem -inform PEM -out Certificate.der -outform DER

      Ref link of ImportKey.java: [Imortkey.java|http://www.agentbob.info/agentbob/79-AB.html]

      user@host:~$ java ImportKey Key.der Certificate.der
      Using keystore-file : /home/user/keystore.ImportKey
      One certificate, no chain.
      Key and certificate stored.
      Alias:vuiis Password:secret

      cp keystore.ImportKey keystore.jks

      keytool -export -file keystore.cert -keystore keystore.jks -alias vuiis
      keytool -import -file keystore.cert -keystore trust.jks -alias vuiis

      Finally i used keystore.jks as keystore and trust.jks as keytrust. But the connection was not successful.

      My requirement is to establish TLS Connection between OSIRIX(MAC Keychain access) and DCM4CHEE (java keystore , truststore )

      Any one can explain what i am doing wrong.