It has been several months since I set it up be we have been running with a
Verisign certificate on JDK 1.3/Orion on Red Hat 7.1. The syntax of your
command looks like what I used to import our certificate into the keystore but
as I said, it has been a while. I just used what was in the man page for the
keytool command. So it can work without issue. At another company I got it
running on a Verisign certificate working on JDK 1.2/Orion under both Red Hat
6.2 and Windows 2000.
Some issues that you may be running into. The certificates are generated for a
specific server. Or in other words a certificate generated for Apache or IIS
will not work with a JDK 1.3 based server.
We did not have to get an additional chain certificate with the 40 bit
certificate but I recall needing to with the special 128 bit certificate. I
don't know which one you ordered.
Verisign's web site and documentation are not the easiest to use. Good Luck!
Bill
Shal Jain wrote:
I generated a 1024 bit CSR using keytool that comes with JDK 1.3
I purchased a 128 bit cert from Verisign and have trouble importing it using
keytool
when I use the following syntax
keytool -import -trustcacerts -file xyz.cer -keystore keystore
I get the following exception -
Failed to establish chain from reply
I tried importing root certificates for verisign from IE and keep getting
the followin error
Public keys in reply and keystore don't match
Based on past archives it seems some folks have been able to import the
Verisign certs correctly
I would appreciate any help
-shal