In order to import a Key Pair, click on
Import Key Pair in the KeyStore
window. Three types of Key Pairs can be imported:
PKCS#12 - which defines a file format commonly used to store private keys with accompanying public key certificates, protected with a password-based symmetric key;
PKCS#8 - which is used to carry private certificate key pairs (encrypted or unencrypted);
OpenSSL - with which a public key doesn't need to be generated separately because the private key contains the public key information as well;
The "Input File(s) Information" area contains the following fields, which are enabled depending on the previously selected Key Pair type:
the decryption password;
the Key Pair File;
the Private Key File;
one or more Certificate(s) File(s);
Certificates..." button which creates more
Certificate(s) file input fields.
The files for each Certificate(s) field can be selected using the
Browse button. Also, the
Certificate input fields which are not needed (except for the first one)
can be removed using the "-" (minus) button next to the
Browse button of each Certificate
input field. The Certificate(s) input fields which are empty will be
ignored, but at least one of the Certificate input fields must contain a
The Certificate input fields can accept also files which contain more certificates (such as Certificate Chain files - ".p7b", ".p7c" files). The order in which the certificate files are provided in the input fields is not important, as the certificates will be ordered (with the user certificate first and the signer or root certificate last) using a sorting algorithm based on subject - issuer matching.
When pressing OK, the resulting certificate chain will be validated (using a validation algorithm based on signature verification and subject - issuer matching), and the importing operation will continue only if the certificate chain is valid. Otherwise the user will be informed that the resulting chain is not valid and the Import Key Pair dialog will reappear to allow modifications.
A screenshot for Import Key Pair action (using a private key and Certificate(s) files) can be seen below: