I am trying to help a client convert his SSL certificate to a .p12 format so it can be installed in a Java keystore on a server running Apache. Based on the various error messages I am getting, I think that the root certificate needs to be a part of the conversion command (sample shown below):
openssl pkcs12 -export -in mycert.crt -inkey mykey.key \
-out mycert.p12 -name tomcat -CAfile myCA.crt \
-caname root -chain
If I am right, I need to get a copy of the root certificate and put it in the
proper directory for OpenSSL to access. My problem is I am running Cygwin on a
Windows machine and I have no idea where the root certificate should be stored.
I tried changing the directory in my script to be where the other pieces are
located (via my Desktop) but OpenSSL didn't like the directory change.
I am very green on this process in particular, so any help would be greatly
appreciated. Thanks.
<<inline: image001.gif>>
