Page History

...

This private key should be guarded carefully.  Ideal places include an encrypted disk volume and non-persistent, RAM-based disk (such as /dev/shm in CentOS or Debian).

Next, once you have Now combine the private key , you'll need to combine with the chained cert and the private key into a PKCS12 package (.pfx) in order to import back into the shrine.keystore or .p12 suffix) that will set the stage to import the bundle into the final keystore.  Run the following command (again, assuming that the private key file is called private_key.pem):

$ openssl pkcs12 -export -in chain.crt<certificates_file> -inkey private_key.pem -out <pkcs12_file> -name <source_entry_alias> -CAfile <ca_certificate> -caname <ca_alias> chain.pfx-chain -password pass:<password>

Once you have the PKCS12 package, you'll now need to import this into your existing shrine.keystore: 

...