
1) Validate the CRT (Once AXIS team shared signed certficate)
openssl x509 -in <<AXIS_SIGNED_certfile.crt>> -text -noout


Note : In above step , paste the path of the signed certificate we shared with you, in place of <<AXIS_SIGNED_certfile.crt>>


2) Create the pkcs12 keystore
openssl pkcs12 -export -out CLIENT_DOMAINNAME.p12 -inkey [CLIENT_DOMAINNAME].key -in <<AXIS_SIGNED_certfile.crt>> -name <<aliasname>> -certfile SakshamAPIClientRootCert.crt -certfile SakshamAPIClientIntermediateCertificate.crt
Note : Axis Team will share Saksham Root and Intermediate public certificates with client.


Ex : openssl pkcs12 -export -out axis.p12 -inkey Private.key -in AXIS-client-certificate.crt -name AXIS -certfile Root.crt -certfile Intermediate.crt



In Step 2 : Important step


In place of [CLIENT_DOMAINNAME].key , need to pass the path of the key file that was generated at the time of creating csr
In place of <<AXIS_SIGNED_certfile.crt>>, need to pass the path of the signed certificate that we shared to you.
In place of <<aliasname>> , you can give any name ( most clients prefer to give organisation name )
and path of the Intermediate and root certificates given to you should be given in place of /SakshamAPIClientRootCert.crt -certfile ../SakshamAPIClientIntermediateCertificate.crt


After passing everything correctly , click enter
i) It will ask for pass phrase for key file that you created while creating csr
ii) Give password correctly which you gave while creating that key file
after that , if you click enter
iii) It will ask as enter export password, give a well remembered password.
iv) It will ask again to confirm same, enter same password agin


Now, pkcs12 will be generated .
This file will be used to authenticate at axis bank side and if successful then you will be able consume the APIs you are subscribed for.