look at "openssl pkcs12"
Jan Fetyko wrote:
Sorry for the dump question but what is pkcs12 ? And how did you use the certification files with that ?
Jf
On Wed, 02 Apr 2003 10:34:34 -0500 "Mark W. Webb" <[EMAIL PROTECTED]> wrote:
I ended up using a pkcs12 file instead of a java keystore. Not sure if this helps, but it looks like you are using openssl, so you should be able to use the openssl command line tools.
Giulia Hill wrote:
--Following the How-to, I have almost successfully activated SSL on tomcat 4.1. The problem I'm having is that I can't load the Verisign certificate, a certificate which I already have and that I'm using with Apache.
this is what I have done
% keytool -genkey -alias tomcat -keyalg RSA -keystore ./.keystore and entered the values of CN etc. as they appear also on the certificate
I have downloaded the verisign.crt from the site indicated on the docs % keytool -import -alias root -keystore ./.keystore -trustcacerts -file verisign.crt
However if I use my certificate as it is, I get the error % keytool -import -alias tomcat -keystore ./.keystore -trustcacerts -file sunsite2.crt java.io.IOException: DerInputStream.getLength(): lengthTag=127, too big.at sun.security.util.DerInputStream.getLength(DerInputStream.java:513)
I thougth it could be that the certificate was not in X509 format, so I have done the conversion as % /opt/openssl-0.9.6b/apps/openssl x509 -outform DER -in sunsite2.crt -out sunsite2.X509.crt
But, when I try to load it into the keystore I get the error: % keytool -import -alias tomcat -keystore ./.keystore -trustcacerts -file sunsite2.X509crt keytool error: java.lang.Exception: Public keys in reply and keystore don't match
What am I doing wrong? Generating a new certificate is not an option since we have already paid for the current one, so I need to be able to use what I already have
Thank for your suggestions,
Giulia
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Mark Webb
Software Engineer
Dolphin Technology
474 Phoenix Drive
Rome, NY 13441-4911
Phone : 315.838.7000 : 315.838.7024
Fax : 315.838.7096
Email : [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Jan Fetyko ScriptFighter Phase 2 Development 4100 Perimeter Center, #310 Oklahoma City OK 73112
email: [EMAIL PROTECTED] (p) 405.917.3777 (p) direct line: 405.917.3779 (url) http://www.phase2online.com "Oklahoma City's fastest growing web development company"
Today's "fortune":
Kirk to Enterprise -- beam down yeoman Rand and a six-pack.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--
Mark Webb
Software Engineer
Dolphin Technology
474 Phoenix Drive
Rome, NY 13441-4911
Phone : 315.838.7000 : 315.838.7024
Fax : 315.838.7096
Email : [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
