Two certificates and CSR file

Question

Hello I got stuck with adding new certificate to my java keystore,

I received from customer three files :

1) inter CA pkcs.txt (Start with '-----BEGIN CERTIFICATE-----')

2) no inter CA x.509.txt (Start with '-----BEGIN CERTIFICATE-----')

3) private csr.txt (Start with '-----BEGIN CERTIFICATE REQUEST-----')

I added 'no inter CA x.509.txt' to my truststore, but also I can see that I need to add privetKeyEntry (old one expires soon) to my Java keystore, how can I do that from those files ? Seems like it's not possible as there's no private key and seems like I don't need csr file at all. Am I right that I need to request private key ?

Key entries don't expire. Certificates expire. You don't have the customers private key. At least you shouldn't. No reason to have his CSR either, unless you're supposed to sign it. Unclear what you're asking. — user207421, Nov 25 '15 at 10:37

score 1 · Accepted Answer · edited Mar 20 '17 at 10:18

1

no private key in certificates. Do you need it ? It depends on what you want to do. See this: https://superuser.com/questions/738817/how-do-i-convert-a-certificate-to-a-private-key

edited Mar 20 '17 at 10:18

Community

1
1

answered Nov 25 '15 at 08:51

guillaume girod-vitouchkina

3,061
1
10
26

It seems like remote service use two-way auth, so need to add privateKeyEntry to my keystore, to make it works , but how can I do that from those files ? – Maksym Nov 25 '15 at 09:07
then you need the private key (not in these files). you must request it. – guillaume girod-vitouchkina Nov 25 '15 at 09:15
with X509 and private key, see that: http://stackoverflow.com/questions/906402/importing-an-existing-x509-certificate-and-private-key-in-java-keystore-to-use-i – guillaume girod-vitouchkina Nov 25 '15 at 09:20

Two certificates and CSR file

1 Answers1