File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Security and the fly likes Keytool woes Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Keytool woes" Watch "Keytool woes" New topic

Keytool woes

Buddy Hihn

Joined: Apr 13, 2012
Posts: 1

OK you tomcat gurus out there.

Windows server 2008
Tomcat 7.0.26
SSL emplemantation

I have created a keystore, cert request and imported the signed cert. I have created the server keystore and imported the chains. Everything worked on server A but now onserver B, everything seems to work except https. Combing through the logs, Catalina indicates that the keystore is not found. I copied the path and plugged it into the PKI connector in the server.xml file. I even have tried adding the-alias tag to the connector. I give up and issue the keytool -delete alias x -keystore %path to keystore%.keystore. Entry is deleted and verified using keytool -v -list -keystore %path to Keystore%.keystore.
Now when I try to import the same cert, I get the all too familiar not an x.509 certificate error. It worked before but not now. This is repeatable, I've burned up two certs.

1.0 What does the -delete do to the keystore?
2.0 Why can't the cert be imprted again?
3.0 Why is the cert acceptable and then not an x.509. I was before.

Thanks in advance

Many thanks to those that share and instruct.
I agree. Here's the link:
subject: Keytool woes
It's not a secret anymore!