[prev in list] [next in list] [prev in thread] [next in thread]
List: tomcat-user
Subject: Re: Error While importing certificate into keystore
From: Christopher Schultz <chris () christopherschultz ! net>
Date: 2022-06-28 16:25:29
Message-ID: 87a7f6f4-2090-7d59-d0d3-630f36d03c4d () christopherschultz ! net
[Download RAW message or body]
Mohan,
On 6/28/22 09:54, Mohan T wrote:
> I am trying top import the certificate into keystore and encountered the
> below error.
>
> Would appreciate if you could throw some light on this
>
> $ keytool -importkeystore -srckeystore /home/ilas/Downloads/okta.cert
> -srcstoretype pkcs12 -destkeystore /home/ilas/Downloads/keystore.jks
> -deststoretype JKS
>
> Importing keystore /home/ilas/Downloads/okta.cert to
> /home/ilas/Downloads/keystore.jks...
>
> Enter destination keystore password:
>
> Enter source keystore password:
>
> keytool error: java.io.IOException: toDerInputStream rejects tag type 45
Open your okta.cert file in notepad/less or similar. Does it look like this?
-----BEGIN CERTIFICATE-----
[stuff]
-----END CERTIFICATE-----
If so, then you want to do this:
$ keytool -importcert -keystore /home/ilas/Downloads/keystore.jks -alias
'Okta 2022' < /home/ilas/Downloads/okta.cert
The cert may be in DER format which is just the same format but not
using base64-encoding with the -----BEGIN and -----END wrapper around
it. keytool can read that type of cert as well using the command above.
If you aren't super comfortable with keystores, PEM and/or DER files,
etc. then I would suggest that you use a tool that can help you manage
these things that will help you avoid mistakes such as Keystore Explorer:
https://keystore-explorer.org/
-chris
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic