Skip Navigation

Import a previously issued certificate using a .pfx file

  • Verify that you have the .pfx file for a previously issued certificate. Make sure that you know the password for the .pfx file.
  • If necessary, make sure that you know the password for the private key of the certificate within the .pfx file.
  • Make sure that the certificate entry in the source .pfx file has the alias of "serverkey".
  1. If necessary, verify that the PATH system variable includes the path to the
    bin directory.
    1. In a command prompt, type
      set | findstr "Path"
    2. Press
    For instructions to set the Path system variable, see 'Configure the Java Runtime Environment' in the Installation content.
  2. On the computer that hosts
    , create a temporary folder (for example,
  3. Copy the .pfx certificate into the temporary folder.
  4. Open a command prompt and navigate to the temporary folder that you created in step 2.
  5. Confirm the information of the existing certificate in the bems.pfx keystore. Type
    keytool -list -keystore bems.pfx -storetype PKCS12 -storepass <
    password of the .pfx file
    Dashboard keystore only supports one certificate in the bems.pfx keystore file. For more information about keystore commands, see Keystore commands. The following is a sample output:
    Keystore type: PKCS12 Keystore provider: SunJSSE Your keystore contains 1 entr serverkey, <
    > <
    >, <
    >, PrivateKeyEntry, Certificate fingerprint (SHA1): EA:A2:57:AB:30:09:DC:2A:F5:0A:EA:D9:D0:7A:3D:EB:95:A2:4C:7D
  6. If the certificate alias isn't "serverkey", change the alias. Type the following command and press enter:
    keytool -changealias -alias <
    alias from previous output
    > -destalias "serverkey" -keystore "C:\bemscert\bemsnew.pfx" -storetype PKCS12 -storepass <
    password of the .pfx file