How to Move or Copy an SSL Certificate from a Tomcat/Java Server to OpenSSL

Step-by-Step instructions on transferring SSL certificate between servers.

Of all of the server to server SSL Certificate transfers, moving from the Java Keystore to OpenSSL is by far the easiest. Comprising just a handful of steps, you’ll be done with this in no time—especially with this step-by-step guide.

Note: It might be easier to just create a new CSR in OpenSSL and then reissue your certificate. But this way works, too.

Moving Your Java Keytool SSL Certificate to OpenSSL

1. Use the “Keytool” to generate a new private and public key pair.
2. Using the same “Keytool,” export the new self-signed certificate from PrivateKeyEntry.
3. Display the details of the certificate using the “Keytool.”
4. Use “OpenSSL” to view the recently exported certificate.
5. Enter “DumpKey.java” to remove the key pair from the “Keytool” keystore.
6. Use “OpenSSL” to convert the dumped key pair to Base64.
7. Use “OpenSSL” to view the key pair and the converted keystore files.

Related Posts

• Transfer an SSL Certificate from a Windows Server to another Windows Server
• Transfer an SSL Certificate from a Windows Server to an Apache Server
• Transfer an SSL Certificate from an Apache Server to another Apache Server
• Transfer an SSL Certificate from an Apache Server to a Windows Server