Using the WebLogic Server Java Utilities

WebLogic Server Command Reference

ImportPrivateKey

The ImportPrivateKey utility is used to load a private key into a private keystore file.

Syntax

$ java utils.ImportPrivateKey keystore storepass storetype keypass alias certfile keyfile keyfilepass

Argument	Definition
`keystore`	The name of the keystore. A new keystore is created if one does not exist.
`storepass`	The password to open the keystore.
`storetype`	The type of keystore being used. The following options are available: Demo Identity and Demo Trust—The demonstration identity and trust keystores located in the `WL_HOME\server\lib` directory and configured by default and the `cacerts` file in the `JAVA_HOME\jre\lib\security` directory. Custom Identity and Java Standard Trust—An identity keystore you create and the trusted CAs defined in the `cacerts` file in the `JAVA_HOME\jre\lib\security` directory. Custom Identity and Custom Trust—Identity and trust keystores you create. Custom Identity and Command-Line Trust—An identity keystore you create and command-line arguments that specify the location of the trust keystore. Use this option in a production environment when the administration port is enabled and Managed Servers are started on the command line instead of by the Node Manager.
`keypass`	The password used to retrieve the private key file from the keystore.
`alias`	The name that is used to look up certificates and keys in the keystore.
`certfile`	The name of the certificate associated with the private key.
`keyfile`	The name of the file holding the protected private key.
`keyfilepass`	The password used to unlock the private key file and to protect the private key in the keystore

Example

Use the following steps to:

Generate a certificate and private key using the CertGen utility
Create a keystore and store a private key using the ImportPrivateKey utility

To generate a certificate:

Note: By default, the CertGen utility looks for the CertGenCA.der and CertGenCAKey.der files in the current directory, or in the WL_HOME/server/lib directory, as specified in the weblogic.home system property or the CLASSPATH.

Alternatively, you can specify CA files on the command line. If you want to use the default settings, there is no need to specify CA files on the command line.

Enter the following command to generate certificate files named testcert with private key files named testkey:

$ java utils.CertGen mykeypass testcert testkey

Creating Domestic Key Strength - 1024

Encoding
................................................................
................................................................
................................................................
Created Private Key files - testkey.der and testkey.pem
Encoding
................................................................
................................................................
................................................................
Created Certificate files - testcert.der and testcert.pem
................................................................

Convert the certificate from DER format to PEM format.

$ java utils.der2pem CertGenCA.der Encoding
................................................................
................................................................

Concatenate the certificate and the Certificate Authority (CA).

$ type testcert.pem CertGenCA.pem >> newcerts.pem

Create a new keystore named mykeystore and load the private key located in the testkey.pem file.

$ java utils.ImportPrivateKey mykeystore mypasswd mykey
mykeypass newcerts.pem testkey.pem
Keystore file not found, creating it