Using an OpenSSL Certificate with Reflection for the Web or Reflection Security Gateway

  • 7022218
  • 23-Jun-2005
  • 13-Mar-2018


Reflection for the Web 2014 (All Editions)
Reflection for the Web 2011 (All Editions)
Reflection for the Web 2008 (All Editions)
Reflection Security Gateway 2014


This technical note describes the steps to follow to convert an OpenSSL certificate to a format that can be used by the Reflection for the Web's or Reflection Security Gateway's certificate wizard. Once converted, you will import the certificate to Tomcat's certificate keystore.


Converting the Certificate

If you have a certificate generated by an Apache server, the certificate format must be converted to a format (pkcs12) recognized by the Reflection certificate wizard. Follow these steps to convert your certificate.

  1. Locate your Apache-generated certificate. It is typically located in the folder that contains the private key and certificate request file.
  2. Create the pkcs12 package by executing the following command, replacing <myCert> with the name of your Apache certificate:
openssl pkcs12 –export –inkey <myPrivateKey> –in <myCert> –out <myExportedFile>.pfx

Executing the command above creates a file called <myExportedFile>.pfx in your current folder.

Importing the Converted Certificate

Once your Apache certificate is converted to a *.pfx file, you can import the converted certificate to the Reflection management server using the Certificate Wizard.

  1. Stop the Tomcat server.
  2. Launch the Certificate Wizard, located in

Reflection for the Web 2104, Reflection Security Gateway 2014, or Reflection for the Web 2011: <install directory>/utilities/bin/CertificateWizard

Reflection for the Web 2008: <install directory>/utilities/

  1. Select a language and follow the prompts to the panel that offers several certificate options: generate, import, update, or copy.
View Full Size

Select "Import a new CA-signed certificate," and click Next.

  1. Browse to your converted certificate (*.pfx).
  2. Follow the prompts to finish the wizard.
  3. Restart the Tomcat server.

Additional Information

Legacy KB ID

This article was originally published as Attachmate Technical Note 1864.