Skip to main content

PFX keystore notes

This is a short note with useful commands for PFX keystores.
Import to AWS Certificate Manager
When you need to import PFX certificate into AWS Certificate Manager, you will have to export the unencrypted private key and certificate chain first.
  1. Export the unencrypted private key from PFX
  2. openssl pkcs12 -in domain_certificate.pfx -nocerts -nodes -out private_key.pem
    
  3. Export the certificate chain from PFX
  4. openssl pkcs12 -in domain_certificate.pfx -nokeys -out certificate.pem
    
When you have the PEM files, you can go to the AWS Certificate Manager, click "Import a Certificate" button and enter the following:
  • Certificate body* - paste the first certificate from certificate.pem ending with the words: "-----END CERTIFICATE-----"
  • Certificate private key* - paste the contents of private_key.pem
  • Certificate chain - paste the complete contents of certificate.pem

Comments

Popular posts from this blog

DynamicReports and Spring MVC integration

This is a tutorial on how to exploit DynamicReports reporting library in an existing Spring MVC based web application. It's a continuation to the previous post where DynamicReports has been chosen as the most appropriate solution to implement an export feature in a web application (for my specific use case). The complete code won't be provided here but only the essential code snippets together with usage remarks. Also I've widely used this tutorial that describes a similar problem for an alternative reporting library.
So let's turn to the implementation description and start with a short plan of this how-to:
Adding project dependencies.Implementing the Controller part of the MVC pattern.Modifying the View part of the MVC pattern.Modifying web.xml.Adding project dependencies
I used to apply Maven Project Builder throughout my Java applications, thus the dependencies will be provided in the Maven format.

Maven project pom.xml file:
net.sourceforge.dynamicreportsdynamicrepo…

Do It Yourself Java Profiling

This article is a free translation of the Russian one that is a transcript of the Russian video lecture done by Roman Elizarov at the Application Developer Days 2011 conference.
The lecturer talked about profiling of Java applications without any standalone tools. Instead, it's suggested to use internal JVM features (i.e. threaddumps, java agents, bytecode manipulation) to implement profiling quickly and efficiently. Moreover, it can be applied on Production environments with minimal overhead. This concept is called DIY or "Do It Yourself". Below the lecture's text and slides begin.
Today I'm giving a lecture "Do It Yourself Java Profiling". It's based on the real life experience that was gained during more than 10 years of developing high-loaded finance applications that work with huge amounts of data, millions currency rate changes per second and thousands of online users. As a result, we have to deal with profiling. Application profiling is an i…

IntelliJ IDEA Compiler Excludes issue with generated sources

I've recently got a fresh new licensed IntelliJ IDEA 12 and have been so glad about it until I've suddenly stumbled upon a strange issue. The Java project that was being developed successfully in previous versions of IDEA crashed during building this time. Shortly, the solution was hidden under IDEA Settings Compiler.Excludes where the JAXB generated sources directory was excluded due to some unknown reason. Below are the details and the screenshots.
Symptoms of issue
Here are the symptoms of the issue. Whenever the sources directory is excluded from compiling, it's marked with cross signs. See generated directory below:
This issue results in numerous "cannot find symbol" errors during compilation:
Settings Compiler.Excludes
Here is the screenshot with the solution for this issue. You just need to delete the item with excluded sources and they will again magically appear in the classpath.
Update - the root cause found
After a while I realized that the solution …