Prepare the Java KeyStore
Import the client key and certificate into a Java KeyStore
The key and certificate must be converted to an intermediate PKCS#12 format:
Take note of the used password.
From this new files create a file in JKS format:
Expected output:
To ensure compatibility of the generated KeyStore with the target JRE make sure that the keytool command has been distributed with the same major version of Java (e.g. keytool distributed with JDK Java 11, JRE execution environment Java 11).
Add the server root CA certificate to the Java KeyStore
To validate the server certificate (https://api.cstar.pagopa.it/ for production, https://api.uat.cstar.pagopa.it/ for UAT) please add the root CA certificate (Let’s Encrypt R3) to the new KeyStore.
Quick reference
Last updated