Prepare a Java Keystore certificate for use with™

Export the certificate AND private key from the keystore:

  1. Export the certificate using the keytool command-line utility:
    # keytool -export -rfc -alias my_cert -file cert.crt -keystore keystorename -storepass keystorepassword
  2. Download from
  3. Download from
  4. Rename without the ".txt" extension.
  5. Compile and
    # javac
  6. Export the private key to "exported.key" in PKCS#8 PEM format:*
    # java -classpath . ExportPriv <keystore> <alias> <password> > exported.key
  7. Convert the private key "exported.key" to "exported_rsa.key" in RSA format:
    # openssl pkcs8 -inform PEM -nocrypt -in exported.key -out exported_rsa.key
* Try wrapping the lines in "exported.key" at 64 characters using a text editor if step 7 reports a "bad base64..." error.

Update the SSL configuration to reflect the full path and filenames of the certificate and private key created in the previous steps:

  1. Go to "Edit Properties" -> "SSL" tab.
  2. Enter the full path and file name of the certificate from step 1 above into the "Certificate File" field.
  3. Enter the full path and file name of the private key from step 7 above into the "Certificate Key File" field.
  4. Restart to load the new certificate and key files.

Other resources and references: