Am Freitag, den 29.07.2011, 10:44 -1000 schrieb Sammaiah Kyatham: > Hello Felix, > > Thanks for the response. > > I have received new certificated based on new CSR generated. > While importing cert in to key, I'm getting the following error: > java.lang.Exception: Failed to establish chain from reply > > Here is the keytool command that I used for this: > > keytool -import -alias tomcat -keystore c:/cert/final/private_key > -trustcacerts -file c:/cert/final/cert.cer.txt > Enter keystore password: > keytool error: java.lang.Exception: Failed to establish chain from reply I think you don't want to add the cert into your trustcacert, so try removing -trustcacerts from your command line.
Bye Felix > > I'm I missing something here.... Thanks in advance. > > Sammaiah > > > On 27 July 2011 19:41, Felix Schumacher > <felix.schumac...@internetallee.de>wrote: > > > > > > > Sammaiah Kyatham <sammaiahf...@googlemail.com> schrieb: > > > > >Hello, > > > > > Your keystore has no private key. > > The output of keytool below shows only a certificate. > > You can use keytool -importkeystore to import key and certificate at the > > same time. > > > > Regards > > Felix > > >Could you help me on this issue. I spent many hours with the various > > >options > > >> and couldn’t resolve. > > >> > > >> > > >> > > >> I have configured the server.xml as per the tomcat configuration, > > >however > > >> I’m getting below errors. > > >> > > >> > > >> > > >> <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" > > >> keystoreFile="C:\Program Files\Java\jre6\bin\hakioskcheckin2_key" > > >> keystorePass="PrivatePWD" keyAlias="tomcat" maxThreads="150" > > >scheme="https" > > >> secure="true" clientAuth="false" sslProtocol="TLS" /> > > >> > > >> > > >> > > >> The exception in Catelina log: > > >> > > >> > > >> > > >> Jul 27, 2011 4:28:25 PM org.apache.coyote.http11.Http11Protocol init > > >> > > >> SEVERE: Error initializing endpoint > > >> > > >> java.io.IOException: Alias name tomcat does not identify a key entry > > >> > > >> at > > >> > > > > >org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:546) > > >> > > >> at > > >> > > > > >org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:481) > > >> > > >> at > > >> > > > > >org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:156) > > >> > > >> at > > >> org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:538) > > >> > > >> at > > >> org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:176) > > >> > > >> at > > >> > > >org.apache.catalina.connector.Connector.initialize(Connector.java:1022) > > >> > > >> at > > >> > > > > >org.apache.catalina.core.StandardService.initialize(StandardService.java:703) > > >> > > >> at > > >> > > > > >org.apache.catalina.core.StandardServer.initialize(StandardServer.java:838) > > >> > > >> at > > >> org.apache.catalina.startup.Catalina.load(Catalina.java:538) > > >> > > >> at > > >> org.apache.catalina.startup.Catalina.load(Catalina.java:562) > > >> > > >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native > > >Method) > > >> > > >> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown > > >Source) > > >> > > >> at > > >sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown > > >> Source) > > >> > > >> > > >> > > >> > > >> > > >> When list the key using keytool, It lists alias tomcat as > > >> > > >> keytool -list -keystore hakioskcheckin2_key -storepass XXXXXX > > >> Keystore type: JKS > > >> Keystore provider: SUN > > >> > > >> Your keystore contains 1 entry > > >> > > >> tomcat, Jul 26, 2011, trustedCertEntry, > > >> Certificate fingerprint (MD5): -removed intentionally- > > >> > > >> > > >> > > >> *If I remove alias from server.xml then following exception is > > >throwing* > > >> > > >> > > >java.io.IOException< > > http://download.oracle.com/javase/6/docs/api/java/io/IOException.html>: > > >> jsse.invalid_ssl_conf > > >> at > > >> > > > > >org.apache.tomcat.util.net.jsse.JSSESocketFactory.checkConfig(JSSESocketFactory.java:755) > > >> > > >> at > > >> > > > > >org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:460) > > >> > > >> at > > >> > > > > >org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:130) > > >> > > >> at org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:538) > > >> at > > >org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:176) > > >> at > > >org.apache.catalina.connector.Connector.initialize(Connector.java:1014) > > >> > > >> at > > >> > > > > >org.apache.catalina.core.StandardService.initialize(StandardService.java:680) > > >> > > >> at > > >> > > > > >org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795) > > >> > > >> at org.apache.catalina.startup.Catalina.load(Catalina.java:524) > > >> at org.apache.catalina.startup.Catalina.load(Catalina.java:548) > > >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > > >> > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
