Sorry for the dump question but what is pkcs12 ? And how did you use the certification files with that ?
Jf On Wed, 02 Apr 2003 10:34:34 -0500 "Mark W. Webb" <[EMAIL PROTECTED]> wrote: > I ended up using a pkcs12 file instead of a java keystore. Not sure if > this helps, but it looks like you are using openssl, so you should be > able to use the openssl command line tools. > > Giulia Hill wrote: > > >Following the How-to, I have almost successfully activated SSL on tomcat > >4.1. The problem I'm having is that I can't load the Verisign certificate, > >a certificate which I already have and that I'm using with Apache. > > > >this is what I have done > > > >% keytool -genkey -alias tomcat -keyalg RSA -keystore ./.keystore > >and entered the values of CN etc. as they appear also on the certificate > > > >I have downloaded the verisign.crt from the site indicated on the docs > >% keytool -import -alias root -keystore ./.keystore -trustcacerts -file verisign.crt > > > >However if I use my certificate as it is, I get the error > >% keytool -import -alias tomcat -keystore ./.keystore -trustcacerts -file > >sunsite2.crt > >java.io.IOException: DerInputStream.getLength(): lengthTag=127, too big.at > >sun.security.util.DerInputStream.getLength(DerInputStream.java:513) > > > >I thougth it could be that the certificate was not in X509 format, so I > >have done the conversion as > >% /opt/openssl-0.9.6b/apps/openssl x509 -outform DER -in sunsite2.crt -out > >sunsite2.X509.crt > > > >But, when I try to load it into the keystore I get the error: > >% keytool -import -alias tomcat -keystore ./.keystore -trustcacerts -file > >sunsite2.X509crt > >keytool error: java.lang.Exception: Public keys in reply and keystore don't match > > > >What am I doing wrong? Generating a new certificate is not an option since > >we have already paid for the current one, so I need to be able to use what > >I already have > > > >Thank for your suggestions, > > > >Giulia > > > > > >--------------------------------------------------------------------- > >To unsubscribe, e-mail: [EMAIL PROTECTED] > >For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > -- > Mark Webb > Software Engineer > Dolphin Technology > 474 Phoenix Drive > Rome, NY 13441-4911 > > Phone : 315.838.7000 > : 315.838.7024 > Fax : 315.838.7096 > Email : [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > Jan Fetyko ScriptFighter Phase 2 Development 4100 Perimeter Center, #310 Oklahoma City OK 73112 email: [EMAIL PROTECTED] (p) 405.917.3777 (p) direct line: 405.917.3779 (url) http://www.phase2online.com "Oklahoma City's fastest growing web development company" Today's "fortune": Kirk to Enterprise -- beam down yeoman Rand and a six-pack. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
