2016-07-01 16:08 GMT-04:00 Christopher Schultz <ch...@christopherschultz.net >:
> > > > > Thank you for the reply. How would I go about specifying the alias > > of the certificate? > > You may have to re-import it, but I've had bad experiences with Java > keystores so ALWAYS keep a backup in case you host something. > > The first item in your keystore certainly looks like a certificate to > me. It's the *second* item that is a private key. > > What if you add these attributes to your connector: > > keyAlias="root" > > ? > > If that doesn't work, try using a tool like Portecle to try to adjust > some things (like the "aliases"). It's much better and safer than > using keytool IMO. Remember ALWAYS KEEP A BACKUP! > > Chris, in a keystore, the entry with the certificate created using the private key from that keystore is a single entry identified as PrivateKey. If you have a single certificate created from a private key in that keystore you will have only one entry, not two and it will be labeled as private key. In fact, it can be checked using the -v option to print details about each entry. This should be enough to identify without ambiguity which entry is what. This is what I recommend to do in order to understand what really is in the keystore. I doubt the alias root with the first entry in the keystore is actually the certificate needed here. Sean, print the details and you will have the alias and Common Name clearly identified on the output in a verbose format. Use the -v option to the keytool command for this. No need to post everything here if you are unsure. ----------------- Daniel Savard
