I used to have this problem...
Try this (from
http://mark.foster.cc/kb/openssl-keytool.html ):
Export the *public key* (certificate) from a keystore
|keytool -export -alias mykey -keystore keystore -file exported.crt|
The result is a DER (binary) formatted certificate in exported.crt
|openssl x509 -noout -text -in exported.crt -inform der|
Now you will want to convert it to another format - PEM - which is
more widely used in applications such as apache and by openssl to do
the pkcs12 conversion.
| openssl x509 -out exported-pem.crt -outform pem -text -in
exported.crt -inform der|
Then just copy it over smtpd.crt