Hi David,
http://java.sun.com/j2se/1.4.2/docs/tooldocs/windows/keytool.html
says there are two modes for importing certificates.
1. You choose an alias, which is already present in your keystore.
keytool will assume, that the cert is a certificate reply (which is
probably wrong in your case)
2. The choosen alias is not present in your keystore.
keytool thinks the certificate is a trusted certificate.
Since I think the second case is the one you are facing. You could either
choose another alias and change your code to use the new alias name, or
get rid of the old certificate (atleast change its alias).
WARNING
I haven't tried if it will work, and I really don't know if it should
work. So you really really should read the documentation and save the
original keystore first.
Bye
Felix
On Wed, September 10, 2008 5:40 pm, [EMAIL PROTECTED] wrote:
...
> Tomcat version: Tomcat 5.5.20
> JDK: 1.5.0_06
> OS: Windows Server 2003, Standard Edition
...
> certificates into our keystore, and things are working fine. Our partner
> now sends us a new certificate and tells us we need to import this new
> one.
> So I execute the following...
>
> keytool -import -alias <keystore alias> -keystore <path to
> keystore>\.keystore -file <path to certificate>\CompanynameProdCert.der
>
> Keytool asks me for our keystore password, which I supply, and then I get
> the following error:
>
> keytool error: java.lang.Exception: Public keys in reply and keystore
> don't
> match
>
> I am a complete and total novice regarding SSL and cryptography in
> general,
> so please don't lambaste me for not knowing the basics, but after having
> consulted Google, I'm pretty much at a loss regarding how to proceed.
>
> Any help will be very much appreciated.
>
> TIA,
> David
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
