Certificate and key management

How-to import into Salesforce a .pfx certificate with private key

Source keystore file: ecom-pp_SSL2016.pfx

Source keystore pwd: PPSSLL27

Salesforce does not support .pfx keystore, therefore it's necessary to store the certificate in a .jks keystore following the steps below.

1) Store the certificate with its private key into a JKS keystore

"bin/keytool" -importkeystore -srckeystore ecom-pp_SSL2016.pfx -srcstoretype pkcs12 -destkeystore ecom-pp_SSL2016.jks -deststoretype JKS

Introduzca la contraseña de almacén de claves de destino: <the_jks_pwd>

Volver a escribir la contraseña nueva: <the_jks_pwd>

Introduzca la contraseña de almacén de claves de origen: <PPSSLL27>

La entrada del alias le-0052dc34-11f5-4a74-a4f3-fb7c4bd566f0 se ha importado correctamente.

Comando de importación completado: 1 entradas importadas correctamente, 0 entradas incorrectas o canceladas

2) Change the alias

"/bin/keytool" -keystore ecom-pp_SSL2016.jks -changealias -alias le-0052dc34-11f5-4a74-a4f3-fb7c4bd566f0 -destalias ecom_pp_SSL2016

Introduzca la contraseña del almacén de claves: <the_jks_pwd>

3) Import into Salesforce

From Setup > Security Controls > Certificate and Key Management

click button 'Import from keystore' and follow the indications.