I am trying to create a PKCS#12 keystore with more than one certificate. this option does seem to be documented well - everyone talks about creating a .p12 file from a single certicate in a .pem file, like this:
openssl pkcs12 -export -in my_single_signed_cert.pem -out keystore.p12 -name "Alias1"
this creates a new .p12 file each time. If you try to create 1 keystore with 2 certificates like this:
openssl pkcs12 -export -in my_signed_cert.pem -out keystore.p12 -name "Alias1"
openssl pkcs12 -export -in my_other_signed_cert.pem -out keystore.p12 -name "Alias2"
the keystore.p12 file contains only "Alias2".
I have to use PKCS#12 (enterprise toolset requires it), and I know JKS can import certs just fine.
Any suggestions ?
I see two ways to do this:
Create a PEM file with all the certificates you need
Use the -certfile
option to define more certificates