Once you have the client12.cer you can then add it to the keystore/truststore.
Sr. Technology Engineer
Original Message:
Sent: Tue July 09, 2024 11:36 AM
From: Neelima Sindhu Uppugandla
Subject: Postgres SSL certs configuration in IBM WebSphere application server truststore.
Hi Gabriel,
Apologies for delayed response. Yes the server.pk8 file is in DER format. I tried the command openssl pkcs12 -export -out client.p12 -inkey client.pk8 -in client.crt -nocrypt and ran into this error.
I have limited knowledge on the converting the certs to different formats etc please help me. I tried to look online for any insights on the error but didn't find anything that I could use.
Thanks,
Neelima
------------------------------
Neelima Sindhu Uppugandla
Original Message:
Sent: Wed July 03, 2024 04:43 AM
From: Gabriel Aberasturi
Subject: Postgres SSL certs configuration in IBM WebSphere application server truststore.
Hello Neelima,
Is server.pk8 in DER (binary) or PEM (Plain text) format? if you can read in a text editor server.pk8 file the is PEM if not is DER. Thas is the questions Brian is asking for.
Try the next command line
openssl pkcs12 -export -out client.p12 -inkey client.pk8 -in client.crt -nocrypt
Hope this helps. Tell us if you nedd more supoprt
Regards
------------------------------
Gabriel Aberasturi
Versia Sistemas TI
Original Message:
Sent: Tue July 02, 2024 09:20 AM
From: Neelima Sindhu Uppugandla
Subject: Postgres SSL certs configuration in IBM WebSphere application server truststore.
Hi Gabriel,
We tried above command and got this error . Any insights on this ?
Thanks,
Neelima
------------------------------
Neelima Sindhu Uppugandla
Original Message:
Sent: Tue July 02, 2024 09:14 AM
From: Neelima Sindhu Uppugandla
Subject: Postgres SSL certs configuration in IBM WebSphere application server truststore.
Hi Gabriel,
Yes same key in different formats .pk8 and .key. We'll try the suggested solution and let you know if it works and need any further assitance.
Thanks,
Neelima
------------------------------
Neelima Sindhu Uppugandla
Original Message:
Sent: Tue July 02, 2024 09:00 AM
From: Gabriel Aberasturi
Subject: Postgres SSL certs configuration in IBM WebSphere application server truststore.
Hello Neelima,
In addtion to Brian's question.
You have client.pk8 and client.key are they the same key in different formats?
If client.pk8 is the key (in pkcs8 format) corresponding to client.crt you can use openssl to convert that key and crt to a pkcs12 format keystore (client.p12) that you can import into WebSphere KeyStore.
openssl pkcs12 -export -out client.p12 -inkey client.pk8 -in client.crt
Hope this helps. Tell us if you need more support
Regards
Gabriel Aberasturi
------------------------------
Gabriel Aberasturi
Versia Sistemas TI
Original Message:
Sent: Mon July 01, 2024 12:21 PM
From: Neelima Sindhu Uppugandla
Subject: Postgres SSL certs configuration in IBM WebSphere application server truststore.
Hi Team,
We are trying to connect to postgres db server that has SSL configuration from WAS. We were provided with root.crt, client.crt, client.pk8 and client.key for successful ssl handshake.
We were able to import client.crt and root.crt into truststore but not able to provide keys since they are in different format that is not recognized by Was.
Could you please help us in this regard?
Thanks,
Neelima
------------------------------
Neelima Sindhu Uppugandla
------------------------------