Wrong email
-----Original Message-----
From: Mattias Arbin [mailto:[EMAIL PROTECTED]]
Sent: Friday, July 21, 2000 8:59 AM
To: Orion-Interest; [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Importing a cert from Thawte
I have now got a valid certificate from Thawte, (i.e a real one, not a test
cert). I am now trying to import it into my keystore without success.
I genereated my certificate request like this:
keytool -genkey -keyalg "RSA" -alias myalias -keystore keystore -dname
"cn=www.[mydomain].com, ou=[MyCompany], o=[My Company], c=SE, S=[Mystate],
l=[mycity]" -validity 360
keytool -certreq -keyalg "RSA" -alias myalias -file
www.[mycompany].com.csr -keystore keystore
The only thing that differs from the Orion docs is that I use an alias
'myalias' instead of the default 'mykey'.
When getting my certificate from Thawte I could choose from a number of
formats. The two that seems to fit is
'Standard Certificate Format' (BASE64 encoded, DER encoded X.509v3 cert.)
'PKCS #7 Certificate Chain' ("Newer servers and development toolkits support
"certificate chains". This format allows Thawte to deliver a full
certificate chain to you, which in turn makes for superior key management
and flexibility.")
When trying to import either one of the above I get:
keytool -import -keystore keystore -file mythawtecert.cer -keyalg
"RSA" -alias myalias -trustcacerts
Enter keystore password: mypassword
keytool error: java.lang.Exception: Input not an X.509 certificate
After reading the docs on keytool, I am still not completely sure if to use
"-alias myalias" so I tried that too:
keytool -import -keystore keystore -file mythawtecert.cer -keyalg
"RSA" -trustcacerts
Enter keystore password: mypassword
keytool error: java.security.cert.CertificateException: Unsupported encoding
Does anybody have any idea what is going wrong here?
Thanks,
Mattias Arbin
