Create a .jks File for Windows

If a JKS file containing just the needed certificate already exists, skip this section.

1. Log in to an Org that contains the certificate.
2. Go to Setup > Certificate and Key Management.
3. Open the certificate and note the Unique Name field value.
4. Go back to the Certificate and Key Management page.
5. Click the Export to Keystore button. This will create a JKS file containing all the certificates listed on the Certificate and Key Management page.
6. Create a password for the new JKS file and click Save.
7. Find the folder on the computer where the Java KeyTool (keytool.exe) is located. It’s provided as a part of the Java Development Kit (JDK). If keytool.exe isn’t on the computer, download and install the latest JDK version.
8. Copy the JKS file into that folder.
9. Run CMD as an administrator.
10. Use the cd command to navigate to the keytool folder.
11. Run the following command and replace keystore.jks with the name of the JKS file before running the command:
    • keytool -list -keystore keystore.jks
12. Enter the keystore password.
13. Locate certificate aliases in the output. The aliases in the output are lowercase Unique Name field values of certificates in the org. All certificates except for the one being moved to a new Org need to be removed from the JKS file otherwise all of them will be imported to the target Org.
    
14. Run the following command and replace keystore.jks with the name of the JKS file and selfsignedcert_28jan2021_153812 with the alias of the certificate to delete before running the command:
    • keytool -delete -alias selfsignedcert_28jan2021_153812 -keystore keystore.jks
15. Repeat the previous steps to delete extra certificates until only the correct certificate is left in the JKS file.

Next Procedure

Import a Certificate into an Org