The customer sent me a *.crt and a *.key
When I try:
keytool -keystore jcosign.jks -importcert -alias foobar -file foobar.crt
I get:
keytool error: java.lang.Exception: Input not an X.509 certificate
When I try:
keytool -keystore jcosign.jks -keyalg "RSA" -import -file foobar.crt
I get:
keytool error: java.security.cert.CertificateParsingException: invalid
DER-encoded certificate data
But the certificate certainly seems valid. I can open it in a utility and see
all the correct metadata including "Signature Algorithm: SHA-1 with RSA
Encryption ( 1.2.840.113549.1.1.5 )"
Should I be checking or doing something else?
Is there anything I could do with the key file to resolve this?
Many thanks for any advice.
On Apr 4, 2013, at 1:42 AM, Xin Feng <xinf...@umich.edu> wrote:
> You need a) import the CA cert ( that signed the Cosign service cert ) to
> your keystore.
>
> If your cert is official signed by the CA that your CoSign service knows, you
> don't need (b).
>
> -Xin
>
> On Tue, Apr 2, 2013 at 9:09 PM, George Francis <gfranc...@gmail.com> wrote:
> Hello,
> Have browsed the archives for a direct answer to this, but to no avail.
>
> I've written a J2EE web application that's being used at a University.
> I'm hosting the web app from a Tomcat (5.5) server.
> The University want me to integrate my application with their existing CoSign
> service.
>
> I have created a keystore for the JavaCosign api to access, but I'm not
> certain whether I need to:
> a) import existing certificate(s) (PEM) into my keystore that has to be
> provided by the University
> and/or
> b) generate a CSR (keytool -certreq) and send it to them to have them sign
> it, then import that
>
> I don't want to ask them for anything I don't need.
> Do I need (a) and (b), or just one or the other?
>
> ------------------------------------------------------------------------------
> Minimize network downtime and maximize team effectiveness.
> Reduce network management and security costs.Learn how to hire
> the most talented Cisco Certified professionals. Visit the
> Employer Resources Portal
> http://www.cisco.com/web/learning/employer_resources/index.html
> _______________________________________________
> Cosign-discuss mailing list
> Cosign-discuss@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/cosign-discuss
>
>
------------------------------------------------------------------------------
Precog is a next-generation analytics platform capable of advanced
analytics on semi-structured data. The platform includes APIs for building
apps and a phenomenal toolset for data science. Developers can use
our toolset for easy data analysis & visualization. Get a free account!
http://www2.precog.com/precogplatform/slashdotnewsletter
_______________________________________________
Cosign-discuss mailing list
Cosign-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cosign-discuss
