Mr.Madhav, Just u do like this. did u ever open the cert? lt shows like a window with some details. right? lt has three tabs on the top a) General b) Details c) Certification Path. u go for Details. There u can see Copy to File button to the bottom. Now u change the cert to .der encoded cert and try to import with keytool.
regards Rams -----Original Message----- From: Madhav Tadikonda [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 05, 2001 2:31 AM To: [EMAIL PROTECTED] Subject: SSL Standalone Tomcat 4.0 Windows NT - Thawte I was wondering if anyone has successfully installed a commercial cert into Tomcat 4.0 on Windows using the "keytool" function? I am following the attached instructions and got to the final step (keytool -import -alias tomcat -trustcacerts..) of importing my test Thawte certificate and I get the following error: keytool error: java.security.cert.CertificateException: Unsupported encoding I was wondering if anyone has experienced this problem? I am having issues with OpenSSL and was hoping to just use the keytool function. Thank you, Madhav Some day's ago [EMAIL PROTECTED] sent the attached mail: >-----Ursprüngliche Nachricht----- >Von: Jon Shoberg [mailto:[EMAIL PROTECTED]] >Gesendet: Donnerstag, 27. September 2001 00:41 >An: [EMAIL PROTECTED] >Betreff: Thawte, SSL, and Tomcat <snip/> > Does anyone have, literally, "blind instructions" for setting up a >commercial SSL cert? The current docs are pretty good but I am looking for >something related to tomcat 3.x.x which covers creation and install of a >commercial cert. <snip/> --- Begin Message --- Hi, after long time of trying to setup a (demo)certificate from thawte.com or trustcenter.de I finally made it. And because of the numerous questions on this list concerning this topic, I thought it would be a good idea to share my gained "wisdom" :-) So what follows is a step-by-step instruction on how to install a commercial (*not* self signed or openssl) certificate: 1. generate a local certificate: keytool -genkey -alias tomcat -keyalg RSA -keystore <myfile> where <myfile> is the name of the desired keystore-file 2. generate the CSR (you need it to request your (demo)certificate) keytool -certreq -keyalg RSA -alias tomcat -file certreq.pem -keystore <myfile> now you have a file called "certreq.pem". Send this to your trustcenter. 3. most trustcenters do not deliver a so called "chained certificate", so you have to install their root-certificate (their website says where to find it) keytool -import -alias root -keystore <myfile> -trustcacerts -file <root-cert-file> 4. after your final (demo)certificate has been sent to you, install it like this keytool -import -alias tomcat -keystore <myfile> -trustcacerts -file <received-cert-file> For the tomcat-specific part of the installation go to the *real good* tomcat-doc-page: http://jakarta.apache.org/tomcat/tomcat-4.0-doc/ssl-howto.html I hope it helped somebody... If there are any questions/suggestions/etc... simply hit "REPLY" (-: greets, pero _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]> -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>