Hi, I think I have seen this Exception. I had certificate with both human readable and encoded parts. I deleted human readable part (I left only encoded part between -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- including these tags). After this, I was able to import this certificate.
Lipi > -----Original Message----- > From: Julie McCabe [mailto:[EMAIL PROTECTED] > Sent: Thursday, May 27, 2004 4:21 PM > To: Tomcat Users List > Subject: Re: X509 certificates and https > > Hi, > > I tried the following command > > keytool -import -alias tomcat -keystore server.ks -trustcacerts -file > server.crt > > with my certificate and key which are in pem format and it returned > keytool error: java.lang.Exception: Input not an X.509 certificate > > > I have the CA certifcate stored in my browser but cant see how I can > export > it? > > Thanks > Julie. > > On Thursday 27 May 2004 15:24, [EMAIL PROTECTED] wrote: > > The only thing you have to do is running the java keytool utily with > > following command: > > > > keytool -import -alias tomcat -keystore server.ks -trustcacerts -file > > server.crt > > > > This inserts thet server.crt certificate into the keystore that tomcat > > uses. > > > > Your CA scertificate needs to be in the trusted keystore of your JRE > under > > which Tomcat runs. > > If this is not the case put it in there as follows: > > > > keytool -import -keystore %JAVA_HOME%/lib/security/cacerts -file ca.pem > > -alias my_alias > > > > This inserts the root certificate ca.pem into the trusted keystore of > the > > JRE being used. > > > > This should work. > > > > Ron Blom > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]