Re: Importing a cert from Thawte
I just solved my problem. Keytool seems to be very sensitive to white
characters in the end of the certificate files. I _added_ a trailing return
in my file and now it works. (Somewere on Thawtes site I read that you
should _remove_ all blanks ...)
A tip to people with the same problems as I had: Try adding/deleting
trailing blanks/returns in your certificate reply file.
/Mattias Arbin
- Original Message -
From: "Mattias Arbin" [EMAIL PROTECTED]
To: "Orion-Interest" [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Friday, July 21, 2000 5:58 PM
Subject: Importing a cert from Thawte
I have now got a valid certificate from Thawte, (i.e a real one, not a
test
cert). I am now trying to import it into my keystore without success.
I genereated my certificate request like this:
keytool -genkey -keyalg "RSA" -alias myalias -keystore keystore -dname
"cn=www.[mydomain].com, ou=[MyCompany], o=[My Company], c=SE, S=[Mystate],
l=[mycity]" -validity 360
keytool -certreq -keyalg "RSA" -alias myalias -file
www.[mycompany].com.csr -keystore keystore
The only thing that differs from the Orion docs is that I use an alias
'myalias' instead of the default 'mykey'.
When getting my certificate from Thawte I could choose from a number of
formats. The two that seems to fit is
'Standard Certificate Format' (BASE64 encoded, DER encoded X.509v3 cert.)
'PKCS #7 Certificate Chain' ("Newer servers and development toolkits
support
"certificate chains". This format allows Thawte to deliver a full
certificate chain to you, which in turn makes for superior key management
and flexibility.")
When trying to import either one of the above I get:
keytool -import -keystore keystore -file mythawtecert.cer -keyalg
"RSA" -alias myalias -trustcacerts
Enter keystore password: mypassword
keytool error: java.lang.Exception: Input not an X.509 certificate
After reading the docs on keytool, I am still not completely sure if to
use
"-alias myalias" so I tried that too:
keytool -import -keystore keystore -file mythawtecert.cer -keyalg
"RSA" -trustcacerts
Enter keystore password: mypassword
keytool error: java.security.cert.CertificateException: Unsupported
encoding
Does anybody have any idea what is going wrong here?
Thanks,
Mattias Arbin
RE: Importing a cert from Thawte
You have sent this to the wrong email address.
-Original Message-
From: Mattias Arbin [mailto:[EMAIL PROTECTED]]
Sent: Friday, July 21, 2000 8:59 AM
To: Orion-Interest; [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Importing a cert from Thawte
I have now got a valid certificate from Thawte, (i.e a real one, not a test
cert). I am now trying to import it into my keystore without success.
I genereated my certificate request like this:
keytool -genkey -keyalg "RSA" -alias myalias -keystore keystore -dname
"cn=www.[mydomain].com, ou=[MyCompany], o=[My Company], c=SE, S=[Mystate],
l=[mycity]" -validity 360
keytool -certreq -keyalg "RSA" -alias myalias -file
www.[mycompany].com.csr -keystore keystore
The only thing that differs from the Orion docs is that I use an alias
'myalias' instead of the default 'mykey'.
When getting my certificate from Thawte I could choose from a number of
formats. The two that seems to fit is
'Standard Certificate Format' (BASE64 encoded, DER encoded X.509v3 cert.)
'PKCS #7 Certificate Chain' ("Newer servers and development toolkits support
"certificate chains". This format allows Thawte to deliver a full
certificate chain to you, which in turn makes for superior key management
and flexibility.")
When trying to import either one of the above I get:
keytool -import -keystore keystore -file mythawtecert.cer -keyalg
"RSA" -alias myalias -trustcacerts
Enter keystore password: mypassword
keytool error: java.lang.Exception: Input not an X.509 certificate
After reading the docs on keytool, I am still not completely sure if to use
"-alias myalias" so I tried that too:
keytool -import -keystore keystore -file mythawtecert.cer -keyalg
"RSA" -trustcacerts
Enter keystore password: mypassword
keytool error: java.security.cert.CertificateException: Unsupported encoding
Does anybody have any idea what is going wrong here?
Thanks,
Mattias Arbin
Importing a cert from Thawte
I have now got a valid certificate from Thawte, (i.e a real one, not a test
cert). I am now trying to import it into my keystore without success.
I genereated my certificate request like this:
keytool -genkey -keyalg "RSA" -alias myalias -keystore keystore -dname
"cn=www.[mydomain].com, ou=[MyCompany], o=[My Company], c=SE, S=[Mystate],
l=[mycity]" -validity 360
keytool -certreq -keyalg "RSA" -alias myalias -file
www.[mycompany].com.csr -keystore keystore
The only thing that differs from the Orion docs is that I use an alias
'myalias' instead of the default 'mykey'.
When getting my certificate from Thawte I could choose from a number of
formats. The two that seems to fit is
'Standard Certificate Format' (BASE64 encoded, DER encoded X.509v3 cert.)
'PKCS #7 Certificate Chain' ("Newer servers and development toolkits support
"certificate chains". This format allows Thawte to deliver a full
certificate chain to you, which in turn makes for superior key management
and flexibility.")
When trying to import either one of the above I get:
keytool -import -keystore keystore -file mythawtecert.cer -keyalg
"RSA" -alias myalias -trustcacerts
Enter keystore password: mypassword
keytool error: java.lang.Exception: Input not an X.509 certificate
After reading the docs on keytool, I am still not completely sure if to use
"-alias myalias" so I tried that too:
keytool -import -keystore keystore -file mythawtecert.cer -keyalg
"RSA" -trustcacerts
Enter keystore password: mypassword
keytool error: java.security.cert.CertificateException: Unsupported encoding
Does anybody have any idea what is going wrong here?
Thanks,
Mattias Arbin
