To import PKCS#12:
- Go to the DSM installation folder and back up the following files:
- .keystore
- configuration.properties
- Open a command prompt and run the following: The command below only works if the DSM is installed at c:\Program Files\Trend Micro\Deep Security Manager. If not, change the command accordingly.
cd "C:\Program Files\Trend Micro\Deep Security Manager\jre\bin" keytool.exe -importkeystore -destkeystore mykeystore.ks -srckeystore "<cert dir>\my_pkcs12_cert.pfx" -srcstoretype pkcs12 -deststoretype JKS
- Enter the source .pfx password and assign the destination keystore password when prompted. Use the same password as the source. Otherwise, the console would not start.
- If the certificate is signed by a root CA or intermediate CA, use the command below to import them. If not, proceed to Step 5.
keytool -import -alias rootCA -trustcacerts -file "<cert dir>\rootCA.cer" -keystore "C:\Program Files\Trend Micro\Deep Security Manager\jre\lib\security\cacerts" keytool -import -alias intermediateCA -trustcacerts -file "<cert dir>\intermediateCA.cer" -keystore "C:\Program Files\Trend Micro\Deep Security Manager\jre\lib\security\cacerts"
- Input the default password, which is "changeit".
- Copy the C:\Program Files\Trend Micro\Deep Security Manager\jre\bin\mykeysotre.ks to C:\Program Files\Trend Micro\Deep Security Manager\.
- Open C:\Program Files\Trend Micro\Deep Security Manager\configuration.properties with a Notepad. Modify the kystoreFile and keystorePass value.
keystoreFile=C\:\\\\Program Files\\\\Trend Micro\\\\Deep Security Manager\\\\mykeystore.ks keystorePass=xxxx
- Restart Deep Security Manager service.