Before proceeding, ensure that you have the following three PEM files:
- Certificate Authority (CA) PEM file
- Signed PEM certificate
- Private key PEM file
The following example uses ssl-cert-keyhsm-ca.pem, ssl-cert-keyhsm.pem, and ssl-cert-keyhsm-pk.pem, respectively, to represent these files.
Create the Key Store
The following command accepts the ssl-cert-keyhsm.pem and ssl-cert-keyhsm-pk.pem files and converts them to a .p12 file:
$ openssl pkcs12 -export -in ssl-cert-keyhsm.pem -inkey ssl-cert-keyhsm-pk.pem -out mycert.p12 -name alias -CAfile ssl-cert-keyhsm-ca.pem -caname root -chain