I have some case need to create .NET WSE 3 Client to refer Axis2 Web Services with WSS4J OASIS Security( WS-Security specification 1.0), if you have only the Java format keystore, you have to convert it to MS format for signatures upon web service call.
Steps which were testified successfully follows here:
- Download J2SE package and setup JDK and JRE 6 on workstation. (There are many internet information about it, so omit here)
- Download KeyTool IUI version 2.4.1 (Match with JRE 6) from (http://yellowcat1.free.fr/index_ktl.html) and unzip to some folder and double click to run file run_ktl.bat to open visiable KeyTool IUI window
- Click menu [View] - [Select task] - [Export] - [Keystore's entry] - [Private key]
- Click browser icon to pick up the keystore JKS file and enter the keystore password in Source.
- Click to select PEM format on both Target Private key file and Certificates chain file:
- Click the save icon to designate some local folder to save the 2 PEM files.
- Manullay create a text file merged.pem and merge these 2 PEM files to one pem file. ( Use notepad to open the 2 PEM files and respectively copy to merge in, CERTIFICATE first and then RSA PRIVATE KEY.
- Download and setup OpenSSL (http://www.slproweb.com/products/Win32OpenSSL.html)
- Open command line and run follows: ( Assume the openssl in C root and you want the PFX file name: pfxname
C:\OpenSSL\bin\openssl pkcs12 -export -out pfxname.pfx -in merged.pem
- You will find the pfx file in current folder then.