(previous reply) Sent: Friday, 11 June, 2010 22:28 > > From: [email protected] On Behalf Of Jeremy Bennett > > Sent: Thursday, 10 June, 2010 23:03 > > > t I'm having a heck of a time trying to get a renewed cert > > loaded up into Tomcast for our CAS system. It keeps saying > > 'unable to load private key'. It's worked before but this > > time we have a renewed cert. Anyone have any ideas? > > <snip PKCS12 stuff>
On further thought, why are you going through PKCS12 at all? *If* your goal is to get a new cert *for the same keypair* into the jks that Tomcat (or other java app) uses, you can just use java keytool to import it (with its chain if not already in the truststore default JRE/lib/security/cacerts). Also for a new keypair generated in java (same or diff jks, temporarily selfsigned) and used to request the new cert. Only if you've generated a new keypair outside of java, e.g. in openssl, and obtained a cert for it, do you need openssl (or other) to create a PKCS12 that java can import. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [email protected]
