KeyUtil
KeyUtil is a tool that can be used to generate RSA key pairs, create certificate requests and ultimately create pkcs#12 based key stores based on imported certificates.
The KeyUtil tool provides a command-line interface for software-based key stores that use the PKCS#12 storage format. The KeyUtil tool can be downloaded here: KeyUtil (3).zip
The following describes how to generate a key and import a certificate:
Generate a key
Command: keyutil keygen
Parameters:
dn <distinguished name>: given dn must be enclosed by double quotes if it includes spaces and be of the format shown in the example below.
pw <Key store password>: pw is the password that protects the private key and must be a regular passphrase.
keysize <key size>: keysize is the number of RSA bits. Must be 2048 or 4096.
keyfile <file in which to store private key>: keyfile is the file that will contain the protected private key.
p10file <file name>: p10file is the file name of the PKCS#10 certificate request. This is the file that shall be sent to IN Groupe upon configuration.
Example in Unix:
./keyutil.sh keygen -dn "CN=Customer A,O=Customer A,C=NO" -pw password -keysize 2048 -keyfile customerA.key -p10file customerA.p10
Example in DOS:
# keyutil keygen -dn "CN=Merchant A,O=Merchant A,C=NO" -pw password -keysize 2048 -keyfile merchantA.key -p10file merchantA.p10
If successful, the output is a Base64 PEM encoded PKCS#10 request written to the specified file, while the status, file names and PKCS#10 hash are shown on the screen. The key file is created and will be deleted during certificate import.
RSA key pair successfully generated
PKCS#10 certificate request written to customerA.p10
Key file written to customerA.key
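A check that can be run on the generated request before it is sent, as an added example that is not part of the KeyUtil distribution. It assumes the openssl command-line tool is installed; check_p10 is a hypothetical helper name.

```shell
#!/bin/sh
# check_p10 FILE: sanity-check a PKCS#10 request before it is sent to the CA.
# Returns 0 only if the file parses, its self-signature verifies and the
# RSA key size is one of the sizes keygen accepts (2048 or 4096).
check_p10() {
    p10=$1
    [ -r "$p10" ] || { echo "cannot read $p10" >&2; return 2; }

    # openssl reports the self-signature result as text, and some versions
    # exit 0 even on failure, so match the message instead of the exit code.
    out=$(openssl req -in "$p10" -noout -verify 2>&1)
    case $out in
        *"verify OK"*) ;;
        *) echo "self-signature check failed for $p10" >&2; return 1 ;;
    esac

    # Extract the key size from the "Public-Key: (N bit)" line.
    bits=$(openssl req -in "$p10" -noout -text 2>/dev/null |
           sed -n 's/.*Public-Key: (\([0-9][0-9]*\) bit).*/\1/p' | head -n 1)
    case $bits in
        2048|4096) ;;
        *) echo "unexpected key size '$bits' in $p10" >&2; return 1 ;;
    esac

    # Print the subject so it can be compared by eye with the -dn value.
    openssl req -in "$p10" -noout -subject
    echo "OK: $p10 (RSA $bits bit)"
}

# Stand-alone use: sh check_p10.sh customerA.p10
if [ "$#" -gt 0 ]; then
    check_p10 "$1"
fi
```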
Import certificate
Command: keyutil import
Parameters:
pw <Key store password>: pw is the password used to protect the private key. Set during generation of the key.
keyfile <File in which the private key is stored>: keyfile is the file that contains the protected private key.
certfile <certificate file>: certfile is the (path and) name of the certificate file in DER, PEM, PKCS7 (.p7b) or Base64 format.
p12file <The pkcs#12 file to generate>: p12file is the final key store containing the certificate and the private key.
Example in Unix:
./keyutil.sh import -pw password -keyfile johnsmith.key -certfile johnsmith.cer -p12file johnsmith.p12
Example in DOS:
# keyutil import -pw password -keyfile johnsmith.key -certfile johnsmith.cer -p12file johnsmith.p12