Skip to main content
Skip table of contents

Key Util

KeyUtil is a tool that can be used to generate RSA key pairs, create certificate requests and ultimately create pkcs#12 based key stores based on imported certificates.

​KeyUtil tool provides a command-line interface for software based key stored using the pkcs#12 storage format. The KeyUtil tool can be downloaded here​​ KeyUtil.zip

A description on​​ how to ge​​​​nerate a key and import a certificate:

Generate a key

Import a certificate

​​​​​​Gen​​​​erate a key

​​​​Command: keyutil keygen

Parameter

Description

dn <distinguished name>

Given dn must be enclosed by double quotes if it includes spaces and be of the format shown in the example below.

pw <Key store password>

pw is the password that protects the private key and must be a regular passphrase.

keysize <key size>

keysize is the number of RSA bits. Must be 2048 or 4096.

keyfile <file in which to store private key>

keyfile is the file that will contain the protected private key.

p10file <file name>

p10file is the file name of the PKCS#10 certificate request. This is the file that shall be sent to IN Groupe upon configuration. 

Example in Unix:

./keyutil.sh keygen -dn "CN=Customer A,O=Customer A,C=NO" --pw password -keysize 2048 --keyfile customerA.key -p10file customerA.p10

Example in dos:

# keyutil keygen -dn "CN=Merchant A,O=Merchant A,C=NO" -pw password -keysize 2048 --keyfile merchantA.key -p10file merchantA.p10

If successful, the output is a Base64 PEM encoded PKCS#10 written to the specified file while status, filenames and PKCS#10 hash is shown on the screen. The key file is created and will be deleted during certificate import.
RSA key pair successfully generated
PKCS#10 certificate request written to customerA.p10
Key file written to customerA.key

​​​Impor​​​t a certificate​

Command: keyutil import

Parameter

Description

pw <Key store password>

pw is the password used to protect the private key. Set during generation of the key.

keyfile <File in which the private key is stored>

keyfile is the file that contains the protected private key.

certfile <certificate file>

certfile is the (path and) name of the certificate file in DER, PEM, PKCS7 (.p7b) or Base64format.

​​p12file <The pkcs#12 file to generate>

p12file is the final keysstore containing the certificate and the private key.

​Example in Unix:

./keyutil.sh import -pw password --keyfile johnsmith.key --certfile johnsmith.cer --p12file johnsmith.p12​​​​

Example in dos:

# keyutil import -pw password --keyfile johnsmith.key --certfile johnsmith.cer --p12file johnsmith.p12

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.