Mohan,
On 6/28/22 09:54, Mohan T wrote:
I am trying top import the certificate into keystore and encountered the
below error.
Would appreciate if you could throw some light on this
$ keytool -importkeystore -srckeystore /home/ilas/Downloads/okta.cert
-srcstoretype pkcs12 -destkeystore /home/ilas/Downloads/keystore.jks
-deststoretype JKS
Importing keystore /home/ilas/Downloads/okta.cert to
/home/ilas/Downloads/keystore.jks...
Enter destination keystore password:
Enter source keystore password:
keytool error: java.io.IOException: toDerInputStream rejects tag type 45
Open your okta.cert file in notepad/less or similar. Does it look like this?
-----BEGIN CERTIFICATE-----
[stuff]
-----END CERTIFICATE-----
If so, then you want to do this:
$ keytool -importcert -keystore /home/ilas/Downloads/keystore.jks -alias
'Okta 2022' < /home/ilas/Downloads/okta.cert
The cert may be in DER format which is just the same format but not
using base64-encoding with the -----BEGIN and -----END wrapper around
it. keytool can read that type of cert as well using the command above.
If you aren't super comfortable with keystores, PEM and/or DER files,
etc. then I would suggest that you use a tool that can help you manage
these things that will help you avoid mistakes such as Keystore Explorer:
https://keystore-explorer.org/
-chris
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
