Export Private Key as Certificate

3.4 Export Private Key as Certificate

This topic provides the information to export private key as a certificate to obtain the identity store.

To export the private key, use the comment given below:

keytool -export -v -alias <alias_name> -file <export_certificate_file_name_with_location.cer> 
-keystore <keystore_name.jks> > -keypass <Private key Password> -storepass <Store Password>

For example:

keytool -export -v -alias OBREMOCert -file AdminOBREMOCert.cer -keystore AdminOBREMOKeyStore.jks -keypass Oracle123 -storepass
        Oracle123

If successful, the following message is displayed.

Certificate stored in file < AdminOBREMOCert.cer>

Table 3-5 Obtain and Import Trusted Certificate

Certificate	Description
Obtain Trusted Certificate from CA	The processes of obtaining a trusted certificate vary from one CA to another. The CA might perform additional offline verification. Consult the CA issuing the certificate for details on the process to be followed for submission of the CSR and for obtaining the certificate.
Import Certificate into Identity Store	Store the certificate obtained from the CA in the previous step, in a file, preferably in PEM format. Other formats like the p7b file format would require conversion to the PEM format. Details on performing the conversion are not listed here. Refer to the Oracle WebLogic Server documentation on Securing Oracle WebLogic Server for details on converting a Microsoft p7b file to the PEM format. The command to be executed for importing a certificate into the identity store depend on whether the trust store chosen (refer to Choose the Identity and Trust Stores section). It is highly recommended to verify the trust path when importing a certificate into the identity store. The commands provided below assume the use of the Java Standard Trust store.

Certificate

Description

Obtain Trusted Certificate from CA

The processes of obtaining a trusted certificate vary from one CA to another. The CA might perform additional offline verification. Consult the CA issuing the certificate for details on the process to be followed for submission of the CSR and for obtaining the certificate.

Import Certificate into Identity Store

Store the certificate obtained from the CA in the previous step, in a file, preferably in PEM format. Other formats like the p7b file format would require conversion to the PEM format. Details on performing the conversion are not listed here. Refer to the Oracle WebLogic Server documentation on Securing Oracle WebLogic Server for details on converting a Microsoft p7b file to the PEM format.

The command to be executed for importing a certificate into the identity store depend on whether the trust store chosen (refer to Choose the Identity and Trust Stores section). It is highly recommended to verify the trust path when importing a certificate into the identity store. The commands provided below assume the use of the Java Standard Trust store.

For information on importing the intermediate CA certificate and identity certificate, refer to the below topics:

Import Intermediate CA Certificate
This topic provides the systematic instructions to import the intermediate CA certificate into the identity keystore.
Import Identity Certificate
This topic provides the systematic instruction to import the identity certificate into the keystore using the command.

Parent topic: Obtain the Identity Store