Possible approach starting from current situation:
- Grab keystore file
- Export private key from keystore file
openssl pkcs12 -in myp12file.p12 -out private.pem
Starting from a clean CSR file:
- Create CSR file with OpenSSL
- Offer certificate for signing bij the CA
- Collect public certificate file, PKI-ca-bundle.pem file and private key files into one directory.
- Create an keystore file and clean it’s auto-generated context to wipe it clean.
keytool -genkey -alias KPNCISO -keystore ciso.jks
keytool -delete -alias KPNCISO -keystore ciso.jks
- Create a PKCS#12 file
- Import PKCS#12 file into cleaned keystore file
- Keystore file is now ready for use and loaded with a certificate, all required intermediate certificates and private key in the KPNCISO context.
- Test service
- Write method in knowledge base