The biggest issue I had was making sure the Aliases are EXACTLY the same. Also make sure the certs are imported in the correct order.
--- Mark Liu <[EMAIL PROTECTED]> wrote: > I want to run Tomcat SSL with a certificate issued > by > a certification authority I write. > > I am getting this exception: > > Public keys in reply and keystore don't match > > when I was trying to import a cert obtained from my > certification authority, an application I write > myself. > > Look, this is the public key modulus of the > self-signed cert generated by keytool. I got this > with a little Java application which reads the > keystore. > > 1455069284194502322511586612427835896501117343193426 > 1277698580642282319386580591964584468845888978125540 > 4518567671864716720860391438340619569576370607201589 > 3597036773285578759967861684947201411771194610241696 > 2195897050728953234159981469972108152218694712333750 > 6190126517212329374573410343657665600894042769733 > > And on my CA server side, I also print out the > client > public key modulus, which is extracted from the CSR: > > 1455069284194502322511586612427835896501117343193426 > 1277698580642282319386580591964584468845888978125540 > 4518567671864716720860391438340619569576370607201589 > 3597036773285578759967861684947201411771194610241696 > 2195897050728953234159981469972108152218694712333750 > 6190126517212329374573410343657665600894042769733 > > Man, they are the same! > > But when I try to import the cert issued by my CA > into > the keystore, I get the exception like so: > > C:\>keytool -import -alias tomcat -trustcacerts > -file > tomcatcert.cer > Enter keystore password: changeit > keytool error: java.lang.Exception: Public keys in > reply and keystore don't match > > How come????? > > Any idea? > > __________________________________________________ > Do you Yahoo!? > Yahoo! Web Hosting - establish your business online > http://webhosting.yahoo.com > > --------------------------------------------------------------------- > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
