Reflection for Secure IT Gateway - Administrator’s Guide > Reflection Gateway System Administration > Server Certificate Management > Using the Keytool Utility to Manage Keystores > Import Certificates from a p7b package into your Java Keystore

Import Certificates from a p7b package into your Java Keystore

The Certification Authority may provide you with a PKCS#7 package (*.p7b) that contains the full chain of certificates required to authenticate your server (the CA-signed server certificate, intermediate certificates, and the CA root certificate). This procedure uses Java keytool command to import the certificates from the p7b file into your Java keystore.

NOTE:If you have individual certificates not contained within a p7b package do not use this procedure. You will need to import each certificate separately. See the procedure described in Import Individual Certificates into your Keystore.

Before you begin

  • Obtain a PKCS#7 package (*.p7b) from the Certification Authority that contains the CA-signed server certificate, intermediate certificates, and the CA root certificate.

  • You need to know the keystore name, password, and alias you used when you created the keystore.

To import certificates contained within a p7b file

  • Add the certificates from the PKCS #7 file (FullChainOfCerts.p7b in this example) to the Java keystore. The alias in this command needs to match the alias you specified when you generated your key pair. For example:

    keytool -importcert -alias rgateway -trustcacerts -file FullChainOfCerts.p7b -keystore newkeystore.jks –storetype JCEKS