How to create keystore from cer files?

Question

I have a problem with the creation of keystore from cer files.

I have three files:

1. NameCertyfikat2015.cer
2. NameIntermediateCA.cer
3. NamePri

Answer 1

ADDED 4/21: Found duplicates:

• How can i create keystore from an existing certificate (abc.crt) and abc.key files?
• convert certificate from pem into jks
• importing an existing x509 certificate and private key in Java keystore to use in ssl

keytool does not handle private keys directly.

The normal process is:

1. keytool -genkeypair the privatekey and publickey in a JKS
2. keytool -certreq generate a CSR from that keypair
3. send the CSR (and related evidence) to a CA to get a certificate
4. keytool -importcert the certificate, plus any needed intermediate or "chain" certficate(s), into the same JKS

If you don't have the JKS with the privateKey in it, but your PrivateKey.txt file contains the private key in a format usable by openssl -- does it begin with a -----BEGIN line followed by some lines of base64 and a matching -----END line and if so what is the type named after BEGIN? -- and you have or get openssl, you can use openssl to combine the privatekey and the related certs into a PKCS#12 file, and then keytool can convert the PKCS#12 to a JKS like this:

keytool -importkeystore -srckeystore p12file -srcstoretype pkcs12 -destkeystore jksfile 

Or according to https://issues.jboss.org/browse/WFLY-3686 (sufficiently recent?) Wildfly can use a PKCS12 keystore as-is (instead of JKS).

EDIT 4/21: Documentation for the openssl pkcs12 utility is in a man page on your system if Unix-like with OpenSSL installed (typically section 1ssl or similar), or online at https://www.openssl.org/docs/apps/pkcs12.html#FILE-CREATION-OPTIONS, or in the duplicates above, or also Convert a CERT/PEM certificate to a PFX certificate