Solutions
HomeIntegrityControlSolutionsManagement Center
  • Integrations
  • 📈Monitoring
    • Setup Prometheus and Grafana
  • 🗝️PKI
    • Extract certificate chain from keystore
  • 🔄Automation
    • Install with Ansible
  • 🧔Customer IAM
    • Social Provider Sign-in
      • Google sign-in
      • Microsoft Windows Live sign-in
      • Facebook sign-in
      • LinkedIn sign-in
  • 🖥️VDI
    • VMware Horizon login with SAML or OIDC using Integrity WEB as third-party IdP
    • Citrix ADC (Netscaler) login with SAML using Integrity WEB as third-party IdP
    • Login to the VMware vCenter Server using Integrity WEB
  • ☁️Cloud Applications
    • ServiceNow
    • Azure B2C
  • 🤝Verifiable Credentials
    • Add Integrity Web as an OIDC attribute provider for Microsoft Entra (Azure) Verifiable Credentials
  • ⏪Proxy / Load Balancer
    • Apache
  • 💾Active Directory Federation Services (ADFS)
    • Access policies
      • How to mark Primary Authentication Fortified ID ADFS adapters as MFA
    • Graphical user interface
      • How to change adapter display (friendly) name
      • How to change adapter style (colors, logos and texts)
    • ADFS not able to consume Integrity SAML Metadata - troubleshooting guide
Powered by GitBook
On this page
  1. PKI

Extract certificate chain from keystore

This solution describes how to extract the certificate chain from a keystore (p12 or pfx), using different tools (OpenSSL, Keystore Explorer, Windows Cert Manager mmc).

OpenSSL

Run this OpenSSL command:

openssl pkcs12 -in INFILE.p12 -out OUTFILE.crt -nokeys

Change the name of the p12-file to match your environment.

After you run the command, enter the keystore password (when prompted for it).

Keystore Explorer

  • Launch Keystore Explorer

  • Open an existing KeyStore

  • Point to your p12/pfx file

  • Enter the password

  • Right click the first entry in the list and select Export->Export Certificate Chain

  • Save to a file

Windows

  • Doubleclick the p12/pfx file in Window

  • Import to Computer Account->Local Computer

  • Open mmc.exe

  • Select File->Add/remove snap-in

  • Select Certificates

  • Select Computer account

  • Select Local Computer

  • Find the newly imported certificates (under Personal)

  • Right click and select Export

  • Do not export the private key

  • Select format = Base64 encoded (X509)

  • Save to a file

PreviousSetup Prometheus and GrafanaNextInstall with Ansible

Last updated 11 months ago

🗝️