Forum Stats

  • 3,825,929 Users
  • 2,260,581 Discussions
  • 7,896,738 Comments

Discussions

Importing Certificate error "Input not an X.509 certificate"

Sieb_Cloud
Sieb_Cloud Member Posts: 3
edited Jun 13, 2018 2:58AM in Cryptography

Hello Team,

We have created CSR (Certificate Request Generation), as per below commands, for each server(we have 4 servers)

1) KEYSTORE GENERATION for serverapp1

keytool -genkey -alias siebelapp1 -keystore F:\certs\keystore\siebelkeystore.jks -keyalg RSA -sigalg SHA1withRSA -dname "CN=serverhost.domain, C=AU, L=Melbourne, ST=Victoria, O=ABC"

2) GENERATOING CSR for serverapp1

keytool -certreq -alias siebelapp1 -keystore F:\certs\keystore\siebelkeystore.jks -file F:\certs\keystore\siebelkeystoreapp1.csr

And sent it to our security team to sign it with proper CA and send us back, along with root CA certificate

> We received four CA root certificate, one  for each server. As per my understanding, root certificate should be only one? But I don't have much idea on this subject, please suggest.

> We received four CSR signed certificate in .csr format

3) IMPORT CERTIFICATES (RROT & CSR Signed) in JKS

a) keytool -importcert -alias ca -file c:\ca\caroot.cer -keystore c:\keys\siebelkeystore.jks   ----> ROOT CA CERT

b) keytool -importcert -alias siebel -file c:\keys\siebelkeystoreCASigned.cer -keystore c:\keys\siebelkeystore.jks   ----> CSR SIGNED CERT

Issue:

A] We were able to import first Root CA certificate successfully, but it throws below error, while importing second RootCA certificate

this certificate is already in the keystore under <aliasname>. Do you want to overwrite it ?

What should we do here?

B] While importing CSR signed certificate, received error

java.lang.exception input not an x.509 certificate

Please help to understand the cause of above two issue, and its solution.

Thanks,

Shilpi

Tagged:
This discussion has been closed.