Re: [OT] import public certificate

[Christopher Schultz <ch...@christopherschultz.net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Chuck,

On 3/24/2010 2:02 PM, Toman, Chuck [Stock] wrote:
> I'm getting this error when trying to merge CERT into keystore
> 
> c:\Program Files\Java\jre6\bin>keytool -import -alias tomcat -keystore
> c:\sbskeytools\keys\sbs.keystore -trustcacerts -file
> "c:\sbskeytools\keys\ebiz-sslcert.cer"
> 
> keytool error: java.security.cert.CertificateException:
> sun.security.pkcs.ParsingException: ObjectIdentifier() -- data isn't an object ID (tag = 48)

- From the 'keytool' man page:

"
keytool can import X.509 v1, v2, and v3 certificates, and PKCS#7
formatted certificate chains consisting of certificates of that
type. The data to be imported must be provided either in binary
encoding format, or in printable encoding format (also known as
Base64 encoding) as defined by the Internet RFC 1421 standard. In
the latter case, the encoding must be bounded at the beginning by
a string that starts with "-----BEGIN", and bounded at the end by
a string that starts with "-----END".
"

Do you have a certificate file that meets these requirements? You may
have to convert using openssl or another tool before using keytool.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkuqetIACgkQ9CaO5/Lv0PCI9ACgh5kkUQtO33wxVW6oOf8IgCgt
enMAn3ju4xUt9BAOfBcDb6v430bvtD7d
=Omeh
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org