Search...
FAQs Subscribe
Pie
FAQs
Recent topics Flagged topics Hot topics Best topics
Search...
Search within WebSphere Search Coderanch
Advance search Google search
Register / Login
book review grid granny advertise on coderanch thread boost polymorphism
Win a copy of Cloud Application Architecture Patterns: Designing, Building, and Modernizing for the Cloud this week in the Cloud/Virtualization forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
thread boost building better world book meaningless drivel book review grid advertise on coderanch
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Paul Clapham
  • Ron McLeod
Sheriffs:
  • Jeanne Boyarsky
  • Liutauras Vilda
Saloon Keepers:
  • Tim Holloway
  • Carey Brown
  • Roland Mueller
  • Piet Souris
Bartenders:

Importing a file.pfx in Ikeyman for Websphere

 
Brian Hennessy
Ranch Hand
Posts: 57
posted 19 years ago
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
    Send
  • Quote
  • Report post to moderator
Hi

I have a client certificate stored in my personal certificates in my IE browser assigned by cacert. I exported this to .pfx file which should come in the pkcs#12 format. However when i try to import the file in ikeyman for WAS into a JKS I get an error complaining that the database file has been corrupted. I have exported a self signed cert generated from by ikeyman to a .p12 file and imported it as a pkcs#12 key type successfully.
Does anyone have any ideas on this. I am ikeyman from a trial version of the WAS v6 base edition.
Thanks in advance.
 
Mark Eaton
Greenhorn
Posts: 1
posted 18 years ago
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
    Send
  • Quote
  • Report post to moderator
Hennseb,

Before the certificate can be imported into IBMKEYMAN they have to be converted using OpenSSL.

see www.openssl.org for download of openssl.

Procedure is:
openssl pkcs12 -in [filename].pfx -out [out].pem
openssl pkcs12 -export -in [out].pem -out [newname].p12

I have used this procedure to export/import certificates between Microsoft IIS/ISA Server and IKEYMAN

Cheers
mark
 
Brian Hennessy
Ranch Hand
Posts: 57
posted 18 years ago
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
    Send
  • Quote
  • Report post to moderator
Mark Thanks for the reply.
I've been able to use some other open source tools for the job. For anyones future reference they can be found on the bouncycastle.org website on the resources page.
Mark I attempted your open ssl approach but i got the same error with the .p12 file I suspect its a problem with the version of ikeyman. Next week I should have access to the version running on the WAS ND version so that should be able to do the job.

Thanks again for the suggestion

Brian
 
Subha Murthy
Greenhorn
Posts: 15
posted 16 years ago
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
    Send
  • Quote
  • Report post to moderator
Hi Brian,

can you tell me how exactly you were able to import .pfx into WebSphere using bouncycastle?

Thanks a lot!
 
Brian Hennessy
Ranch Hand
Posts: 57
posted 16 years ago
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
    Send
  • Quote
  • Report post to moderator
I'm a little late responding to this, so Subha I apologise for not responding ,but hopefully it comes in handy for somone else. I originally used an application called Portecle to import the cert , I may have found a link to it from the bouncycastle web site. However to get the websphere ikeyman working I following the following instructions from IBM

Unable to import a PKCS12 file that is created by IIS or other non-IBM Web server keystores into a CMS or JKS database

 
Don't get me started about those stupid light bulbs.
reply
reply
    Bookmark Topic Watch Topic
  • New Topic
Boost this thread!
Similar Threads
More...