I wasn't aware that after I converted the cert that i needed to place the
converted cert into the keystore. Here's what I've now done to add the cert.
Server Side:
1. Generate a new keypair for wget
# keytool -genkeypair -alias wget -keystore /keys/wget.p12 -storetype
pkcs12 -keyalg RSA -dname
Problem fixed:
1) Convert server cert
openssl x509 -inform DER -outform PEM -in servercert.crt -out servercert.pem
2) Break out user cert and key from container
openssl pkcs12 -nocerts -in user.p12 -out userkey.pem
openssl pkcs12 -nokeys -in user.p12 -out usercert.pem
3) wget it
wget
please keep the mailing list CC'ed in your replies.
It seems the server doesn't accept the client certificate. Are you sure
the cert.pem certificate is included in keystore.jks?
Giuseppe
brad bruggemann bradley.bruggem...@gmail.com writes:
Giuseppe,
There's a correction to my original