linux macos ssl openssl keytool

How to generate a private key with Keytool when generating a CSR


The Apple server requires a CSR (Certificate Signing Request) so that Apple MFI can provide a PEM certificate.

I generated the CSR with the following keytool commands:

    keytool -genkeypair -keystore mycompany.jks -alias mycompany.com -keyalg RSA -keysize 2048 -dname "CN=MFi-111111, O=MYCOMPANY Inc."
    keytool -certreq -keystore mycompany.jks -alias mycompany.com -sigalg SHA256withRSA

But when I want to connect to the Apple server, I am required to use the private key with the certificate I got from Apple.

How do I generate the private key with Keytool from mycompany.jks?


Solution

  • First, export from the keystore file ("JKS") to the standardized PKCS format:

    keytool -importkeystore -srckeystore mycompany.jks -destkeystore keystore.p12 -deststoretype PKCS12 -srcalias mycompany.com -deststorepass mypassword -destkeypass mypassword
    

    Then, with openssl, export the unencrypted private key (convert from p12 to pem):

    openssl pkcs12 -in keystore.p12  -nodes -nocerts -out key.pem
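
The key.pem written by the last command is unencrypted, so before pairing it with the certificate returned by Apple it is worth restricting its permissions and confirming that the two actually belong together. The following is an added example, not part of the original answer; it assumes the issued certificate is in PEM form, and the function names and the file names passed in are placeholders.

```shell
#!/bin/sh
# Added example: check an extracted private key against an issued certificate.
# Function names and file names are illustrative, not from the original answer.

# Restrict an unencrypted private key file to its owner (read/write only).
secure_key_file() {
    chmod 600 "$1"
}

# Return 0 if the private key in $1 and the PEM certificate in $2 carry the
# same public key, 1 if they differ, 2 if either file cannot be parsed.
key_matches_cert() {
    # Public key derived from the private key (SubjectPublicKeyInfo, PEM).
    key_pub=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 2
    # Public key embedded in the certificate, in the same encoding.
    cert_pub=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 2
    [ -n "$key_pub" ] || return 2
    [ "$key_pub" = "$cert_pub" ]
}

# Stand-alone use: ./check.sh key.pem certificate.pem
if [ "$#" -eq 2 ]; then
    secure_key_file "$1" || exit 2
    if key_matches_cert "$1" "$2"; then
        echo "OK: private key matches certificate"
    else
        echo "MISMATCH or unreadable input: do not deploy this pair" >&2
        exit 1
    fi
fi
```

A mismatch usually means the certificate was issued for a CSR generated from a different keystore or alias than the one the key was exported from.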