File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Security and the fly likes IBM keytool not self-signing certificates Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of OCA/OCP Java SE 7 Programmer I & II Study Guide this week in the OCPJP forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "IBM keytool not self-signing certificates" Watch "IBM keytool not self-signing certificates" New topic

IBM keytool not self-signing certificates

John Eric Hamacher
Ranch Hand

Joined: Apr 25, 2007
Posts: 230

I am trying to generate a self-signed certificate with the keytool in the jdk shipped with RAD 7. It will not self-sign my certificates. I've tried several variations of the genkey statement. Here is what I did . . . any help would be appreciated. Thanks, Eric.

C:\Program Files\IBM\SDP\jdk\bin>keytool -genkey -alias -WAS2 -keyalg RSA -store
pass simssims -keypass simssims -keystore sims.p12
What is your first and last name?
What is the name of your organizational unit?
[Unknown]: apps
What is the name of your organization?
[Unknown]: dpi
What is the name of your City or Locality?
[Unknown]: madison
What is the name of your State or Province?
[Unknown]: wi
What is the two-letter country code for this unit?
[Unknown]: us
Is, OU=apps, O=dpi, L=madison, ST=wi, C=us correct? (type "ye
s" or "no")
[no]: yes

C:\Program Files\IBM\SDP\jdk\bin>keytool -list -rfc -keystore "C:\Program Files\
Enter keystore password:

Keystore type: pkcs12
Keystore provider: IBMJCE

Your keystore contains 1 entry

Alias name: -was2
Creation date: May 23, 2011
Entry type: keyEntry
Certificate chain length: 1

James Sabre
Ranch Hand

Joined: Sep 07, 2004
Posts: 781

What am I missing. That looks to be a self signed certificate since the the issuer and subject are the same.

Retired horse trader.
 Note: double-underline links may be advertisements automatically added by this site and are probably not endorsed by me.
John Eric Hamacher
Ranch Hand

Joined: Apr 25, 2007
Posts: 230
Thanks for your help. When I give this keystore to my Websphere administrator, he says WebSphere is telling him it is unsigned. It sounds lie this may be a WebSphere problem.

wood burning stoves
subject: IBM keytool not self-signing certificates