I have a Java web service and have implemented X.509 using jks files created by Java Keytool.
keytool -genkey -keyalg RSA -sigalg SHA1withRSA -validity 730 -alias myservicekey -keypass skpass -storepass sspass -keystore serviceKeystore.jks -dname "cn=localhost"
keytool -genkey -keyalg RSA -sigalg SHA1withRSA -validity 730 -alias myclientkey -keypass ckpass -storepass cspass -keystore clientKeystore.jks -dname "cn=clientuser"
To establish trust between client and server I import the server certs to client and client certs to server.
Import server public key (certs) to client.
keytool -export -rfc -keystore clientKeystore.jks -storepass cspass -alias myclientkey -file MyClient.cer
keytool -import -trustcacerts -keystore serviceKeystore.jks -storepass sspass -alias myclientkey -file MyClient.cer -noprompt
Import client public key (certs) to server.
keytool -export -rfc -keystore serviceKeystore.jks -storepass sspass -alias myservicekey -file MyService.cer
keytool -import -trustcacerts -keystore clientKeystore.jks -storepass cspass -alias myservicekey -file MyService.cer -noprompt
Both Service and Client are written in Java and are working fine. Now I have a .NET client and my understanding is that if I give the same Java client certificates to the .NET client, i.e. clientKeystore.jks, it should work, but the .NET client is having issues.
The .NET client developer has insisted that I use a .pfx certificate that he generated. How can I import a .pfx certificate into an existing .jks file?
The examples I have seen online require me to create a new .jks file.
Thank you.
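
An added example, not part of the original post: one way to add the certificate from a .pfx (PKCS#12) file to the existing serviceKeystore.jks without recreating it, using the standard java.security.KeyStore API. It assumes the .pfx holds the .NET client's key pair and that the service only needs to trust its certificate, so the private key is not copied; the names DotNetClient.pfx, pfxpass and the dotnetclient- alias prefix are placeholders.

```java
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.*;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.cert.Certificate;
import java.util.Collections;

public class ImportPfxCertIntoJks {
    // Load a keystore of the given type ("PKCS12" or "JKS") from disk.
    static KeyStore load(String type, Path file, char[] pass) throws Exception {
        KeyStore ks = KeyStore.getInstance(type);
        try (InputStream in = Files.newInputStream(file)) {
            ks.load(in, pass);
        }
        return ks;
    }

    public static void main(String[] args) throws Exception {
        // Assumed names: DotNetClient.pfx / pfxpass are placeholders; the JKS values are from the post.
        Path pfxFile = Paths.get("DotNetClient.pfx");
        Path jksFile = Paths.get("serviceKeystore.jks");
        char[] pfxPass = "pfxpass".toCharArray();
        char[] jksPass = "sspass".toCharArray();

        KeyStore pfx = load("PKCS12", pfxFile, pfxPass);
        KeyStore jks = load("JKS", jksFile, jksPass);   // existing entries stay in place

        for (String alias : Collections.list(pfx.aliases())) {
            Certificate cert = pfx.getCertificate(alias); // leaf certificate; the private key is not copied
            if (cert == null) continue;
            String target = "dotnetclient-" + alias;      // hypothetical alias prefix
            if (jks.containsAlias(target)) throw new IllegalStateException("alias already present: " + target);
            jks.setCertificateEntry(target, cert);        // trusted-certificate entry only
            StringBuilder fp = new StringBuilder();
            for (byte b : MessageDigest.getInstance("SHA-256").digest(cert.getEncoded())) {
                fp.append(String.format("%02X", b));
            }
            System.out.println(target + " SHA-256 " + fp); // compare with the fingerprint the client developer reports
        }

        // Write to a temporary file first so a failed store cannot truncate the live keystore.
        Path tmp = Files.createTempFile(jksFile.toAbsolutePath().getParent(), "ks", ".tmp");
        try (OutputStream out = Files.newOutputStream(tmp)) {
            jks.store(out, jksPass);
        }
        Files.move(tmp, jksFile, StandardCopyOption.REPLACE_EXISTING);
    }
}
```

Back up serviceKeystore.jks before running it, and restart or reload the service afterwards so it picks up the new trusted entry.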