Generating a PKCS#12 file

Before you begin

• See Generating self-signed certificates before proceeding.
• You need OpenSSL installed. See Generating a private and public key pair for more information.

Procedure

You have to use the previously generated certificate to generate a PKCS#12 file.

1. Open the OpenSSL command prompt and type openssl to start the application.

   

2. Type the following command:

   pkcs12 -export -in C:\path\to\certificatename.crt -inkey C:\path\to\keyname.key -out C:\path\to\newpkcs12.pfx
   

   Where C:\path\to\certificatename.crt is the path to the certificate file, C:\path\to\keyname.key is the path to the private key file, and C:\path\to\newpkcs12.pfx is the path to the PKCS#12 file that you want to create.

3. Optional: If there is a .bundle file:

   pkcs12 -export -in certificatename.crt -inkey keyname.key -certfile bundlefile.bundle -out newpkcs12.pfx
   

Notes:

• Both commands require the pass phrase to unlock the keyname.key file, and a new password to protect the PKCS#12 file.
• You must create the folders of the required paths if they do not exist.

What to do next

After generating a PKCS#12 file, you can install it in the Certificate Store and configure the System Vault to use it. See the following links for more information:

• Installing the private key in the Certificate Store
• Configuring the System Vault
• Tenant credentials configuration

Related links

Parent topic:

• Generating keys

Next topic:

• Installing the private key in the Certificate Store

Related topics:

• Configuring the System Vault
• Tenant credentials configuration