An OpenSSL based CA has the CA keys and certificate as PEM files (or the CA private key on an HSM), and issued subscriber certificates as PEM files.
You can convert a PEM-style Root CA key to a PKCS12 file that can be imported in EJBCA:
$ openssl pkcs12 -
-out server1.p12 -inkey cakey.pem -
ca.pem -name privateKey
The following EJBCA CA UI menu options and CLI commands allow you to import these and continue operations transparently:
To import a PKCS#12 file with CA private key and certificate, select the EJBCA CA UI menu option Edit Certificate Authorities > Import CA keystore.
To import CA keys from a PKCS#12 file or an HSM, use the CLI command bin/ejbca.sh ca importca.
To import user certificates, use the CLI command bin/ejbca.sh ca importcert.