Using pk12util allows you to export certificates and keys from your internal database and import them into an internal or external PKCS #11 module. You can always export certificates and keys to your internal database, but most external tokens will not allow you to export certificates and keys. By default, pk12util uses certificate and key databases named cert8.db and key3.db.
Go to the server_root/alias directory containing the databases.
Add server_root/bin/proxy/admin/bin to your PATH.
Locate pk12util in server_root/bin/proxy/admin/bin.
Set the environment. For example:
Enter the command: pk12util.
The options will be listed.
Perform the actions required.
For example, in UNIX enter:
pk12util -o certpk12 -n Server-Cert [-d /server/alias] [-P https-test-host]
Enter the database password.
Enter the pkcs12 password.