Self-signed certificate in JKS format

I already have a self-signed certificate encoded in JKS format that I would like to use.

The following section will describe how to convert your existing .jks certificate (like the one created in the previous section) into the .der format so that the PAM Federated Sign-In module can be used.

  1. Open a command line and navigate to the folder where PAM is installed {$PAM_HOME} and issue the following command:
    1. For Windows, substitute ALIAS_NAME with the unique identifying string for the key, CERTIFICATE.der with the location and name of the converted certificate file in .der format and PATH_TO_KEYSTORE.jks with the location and name of the .jks certificate file to be converted.
    2. Copy
      bin\PamKeytool.cmd -export -alias ALIAS_NAME -file CERTIFICATE.der -keystore PATH_TO_KEYSTORE.jks

       

    3. For Unix or Linux, substitute ALIAS_NAME with the unique identifying string for the key, CERTIFICATE.der with the location and name of the converted certificate file in .der format and PATH_TO_KEYSTORE.jks with the location and name of the .jks certificate file to be converted.
    4. Copy
      bin/PamKeytool.sh -export -alias ALIAS_NAME -file CERTIFICATE.der -keystore PATH_TO_KEYSTORE.jks

     

  2. After the command is issued, you will be prompted to enter the keystore password. Enter this password and press Enter to continue.
  3. FAQ-Certificate-Convert-JKS-DER-Format

     

  4. The certificate will now be converted and the message Certificate stored in file will be displayed.
  5. FAQ-Certificate-Convert-JKS-DER-Format-File

Now we have converted your existing .jks certificate into a .der certificate so that the PAM Federated Sign-In module can be secured.

Continue to the DER certificate section to configure this certificate in the Federated Sign-In module.