The changing of keystore.type in java.security won't work alone. You got to have the right provider available. Sun provides a PKCS#12 keystore provider in their new JSSE1.0.2. Install that. You can now create a PKCS#12 type keystore using the API, though the keytool still fails, at least that happened with me. You could also extract the DER certificate (or PEM certificate using -rfc option of keytool) from standard JKS type keystore and use the openssl's pkcs12 utility to convert to PKCS#12 type certificate. You may require the privatekey as input. Get that from the store using API. I had done this, and it works. Hope this helps... Sumanta. > -----Original Message----- > From: Julie Ruiz [SMTP:[EMAIL PROTECTED]] > Sent: Monday, February 19, 2001 11:32 AM > To: [EMAIL PROTECTED] > Subject: PKCS12 > Importance: High > > Hi, > > Tomcat use SSL directly, I use the keytool of the JDK to generate the > key pair and a self certificate. > I need to generate certificates for clients but the browser says that if > > have to be in the format PKCS12. > For the keytool I specify a keystore type at the command line, via the > -storetype option and I put that uses the pkcs12, but it not function, > also I changed the value of the keystore.type property specified in the > security properties file " java.security", that resides in the JDK > security properties directory, java.home\lib\security and also didn´t > function. > > How can I generate a certificate with the pkcs12 format using the > keytool of the JDK?????? > > Julie. > > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] ------------------------------------------------------------------------------ This message is intended only for the personal and confidential use of the designated recipient(s) named above. If you are not the intended recipient of this message you are hereby notified that any review, dissemination, distribution or copying of this message is strictly prohibited. This communication is for information purposes only and should not be regarded as an offer to sell or as a solicitation of an offer to buy any financial product, an official confirmation of any transaction, or as an official statement of Lehman Brothers Inc. Email transmission cannot be guaranteed to be secure or error-free. Therefore, we do not represent that this information is complete or accurate and it should not be relied upon as such. All information is subject to change without notice. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
