Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000025831 - How to migrate certificate and key from OpenSSL format to iPlanet cert7.db and key3.db

Document created by RSA Customer Support

on Jun 16, 2016•Last modified by RSA Customer Support

on Apr 21, 2017

Version 2Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000025831
Applies To	Sun Solaris 2.8 iPlanet Directory Server
Issue	How to migrate certificate and key from OpenSSL format to iPlanet cert7.db and key3.db Needs help installing the server certificate in iPlanet Migrating certificate into iPlanet Directory Server
Cause	Since the private key is not stored in the iPlanet certificate and key database, the iPlanet Console will not allow you to install the certificate
Resolution	Below are the steps to convert the certificate from and OpenSSL request to iPlanet: 1. Start with a PEM encoded certificate file and a PEM encoded private key file 2. Convert the two PEM-encoded files to a single pkcs12 file: openssl pkcs12 -export -in path/to/file.crt -inkey /path/to/file.key -out /path/to/file.p12 -name "fqdn.hostname.com" -nodes 3. Convert p12 file to iPlanet cert7.db and key3.db files: pk12util -i /path/to/file.p12 -d /directory/to/output/db/files/ 4. Move the cert7.db and key3.db files to the iPlanet Directory Server; replace the slapd-instance_name-cert7.db and slapd-instance_name-key3.db 5. Restart iPlanet Directory Server instance
Legacy Article ID	a17746

Attachments

Outcomes

0 Comments

Recommended Content