tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From duc...@gmail.com
Subject Re: Unable to import certificate into keystore
Date Thu, 11 Sep 2008 14:40:38 GMT
Felix,

Thanks for the reply.  Your point #1 was the correct issue (and shows my
inexperience with these things).  I was trying to import the certificate
using an alias name already in use (which I thought was what I was supposed
to do).  I changed the alias name, and the cert then imported without a
problem.

Thanks!
David

On Thu, Sep 11, 2008 at 3:09 AM, Felix Schumacher <
felix.schumacher@internetallee.de> wrote:

> Hi David,
>
> http://java.sun.com/j2se/1.4.2/docs/tooldocs/windows/keytool.html
> says there are two modes for importing certificates.
>
>  1. You choose an alias, which is already present in your keystore.
>    keytool will assume, that the cert is a certificate reply (which is
>    probably wrong in your case)
>  2. The choosen alias is not present in your keystore.
>    keytool thinks the certificate is a trusted certificate.
>
> Since I think the second case is the one you are facing. You could either
> choose another alias and change your code to use the new alias name, or
> get rid of the old certificate (atleast change its alias).
>
> WARNING
> I haven't tried if it will work, and I really don't know if it should
> work. So you really really should read the documentation and save the
> original keystore first.
>
> Bye
>  Felix
>
> On Wed, September 10, 2008 5:40 pm, ductaa@gmail.com wrote:
> ...
> > Tomcat version:  Tomcat 5.5.20
> > JDK:  1.5.0_06
> > OS:  Windows Server 2003, Standard Edition
> ...
> > certificates into our keystore, and things are working fine.  Our partner
> > now sends us a new certificate and tells us we need to import this new
> > one.
> > So I execute the following...
> >
> > keytool -import -alias <keystore alias> -keystore <path to
> > keystore>\.keystore -file <path to certificate>\CompanynameProdCert.der
> >
> > Keytool asks me for our keystore password, which I supply, and then I get
> > the following error:
> >
> > keytool error: java.lang.Exception: Public keys in reply and keystore
> > don't
> > match
> >
> > I am a complete and total novice regarding SSL and cryptography in
> > general,
> > so please don't lambaste me for not knowing the basics, but after having
> > consulted Google, I'm pretty much at a loss regarding how to proceed.
> >
> > Any help will be very much appreciated.
> >
> > TIA,
> > David
> >
>
>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message