Use a p12 certificate with Web Services / SSL in Java and CXF

Problem : I need to access a webservice of a provider. The provider gave to me a .cert file and a .p12 file.

The private key p12 is not easy to manage in java. The default Key Store (cacert) doesn’t manage private keys.

I’m using apache cxf to access the webservice.


  1. Create a new Key Store for your private key and import the p12 file
keytool -importkeystore -srckeystore privateKeyFile.p12 -srcstoretype PKCS12 -destkeystore personalKeyStore.jks 

The .cert file should be imported in the cacert file:

You can easily access the certificate and the personal key from cxf using the following configuration.

For the private.jks store you need two passwords:

One password to access the file private.jks: storePassword

One password to access the private key inside the private.jks: personalKeyPassword the provider gave to you this password.

Super fast WebApp built by Marco using SpringBoot 3 and Java 17 hosted by Infomaniak in Switzerland