Importing earlier trusted certificates into the new keystore - PingAuthorize

Importing earlier trusted certificates into the new keystore - PingAuthorize - 8.3

PingAuthorize

bundle

pingauthorize-83

ft:publication_title

PingAuthorize

Product_Version_ce

PingAuthorize 8.3

category

Product

paz-83

pingauthorize

ContentType_ce

Page created: 9 Feb 2021 |

Page updated: 10 Aug 2021

| 1 min read

PingAuthorize 8.3 Product Certificate Management User task Product documentation Content Type

You must import the trusted certificates of other servers in the topology into the new truststore file.

To export trusted certificates from truststore and import them into truststore.new, perform the following steps for each trusted certificate:

Locate the currently trusted certificates.

manage-certificates list-certificates \
  --keystore truststore

For each alias other than server-cert, or whose fingerprint does not match server-cert, perform the following steps:

Export the trusted certificate from truststore.

manage-certificates export-certificate \
  --keystore truststore \
  --keystore-password-file truststore.pin \
  --alias <trusted-cert-alias> \
  --export-certificate-chain \
  --output-file trusted-cert-alias.crt

Import the trusted certificate into truststore.new.

manage-certificates import-certificate \
  --keystore truststore.new \
  --keystore-type JKS \
  --keystore-password-file truststore.pin \
  --alias <trusted-cert-alias> \
  --certificate-file trusted-cert-alias.crt