Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month, online, via Jitsi Meet.

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] java keytool x.509 error



On 9/17/2015 9:25 PM, Eric Chadbourne wrote:
> Hi All,
> 
> I'm attempting to assist a former coworker but have little experience with Java and the jvm keytool.  
> 
> He has to admin a java app (jira) running on ubuntu and needs to change the SSL from one for that specific server to one for them all.  He received a zip from executive IT & digicert.  I read through some docs but can't get it to work.  I know there's at least one java guru on the list.
> 
> Here's what I tried.
> 
> $JAVA_HOME/keytool -import -alias alias1 -keystore /somepath/jira.jks -file /someotherpath/DigiCertCA.crt
> 
> $JAVA_HOME/keytool -import -alias alias2 -keystore /somepath/jira.jks -file /someotherpath/star.crt
> 
> $JAVA_HOME/keytool -import -alias privateKey -keystore /somepath/jira.jks -file /someotherpath/star.key
> 
> The first two imported without issue.  The last one returned:
> 
> keytool error: java.lang.Exception: Input not an X.509 certificate
> 
> Unfortunately google is flooded with this error and I'm not finding a solution that helps.  The error is correct.  The key is not an X.509.  Am I not able to import a private key?  Am I totally misunderstanding how this works?

I really like Portecle (http://portecle.sourceforge.net/) for
manipulating keystore files.  Handles all formats, etc.  Normally I
prefer command line tools, but GUIs are better when the command line
tools have a gaggle of undocumented options that are all incompatible
with each other and you need a cookbook to actually do anything useful
with them.

For the record, I don't know how to make keytool add the key after the
fact.  When I've done it, the output of
 keytool -genkeypair
goes straight into the keystore file.

HTH,
Matt



BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org