Skip to Main Content
Forums

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

Trouble using keystore in PKCS12 format

843811Sep 24 2008 — edited Sep 24 2008
Has anyone had much luck using a Java keystore in PKCS12 format? I work at a company where we use this format to store SSL certificates. Unfortunately keytool doesn't seem to work well with it. I have a certificate chain in DER format, and I am trying to import the file into our keystore.

keytool -import -alias aliasname -file vChain.cer -keystore keystore.p12 -storetype pkcs12
Enter keystore password:
...snip...
Trust this certificate? [no]: yes
keytool error: java.security.KeyStoreException: TrustedCertEntry not supported

Is it possible to import a DER or PEM certificate into a PKCS12 keystore? I have tried using openssl to convert the certificate into PKCS12 format before importing, but that doesn't work either, because it complains about not finding a private key.

Any help would be appreciated! Thanks.

Comments

Vlad Visan-Oracle
Answer

TLS 1.2 works in 12c by default.

For 11gR2, you can only use it in 11.2.0.4 with MES Bundle Patch ( see MOS Note 2026419.1 ).

You cannot use TLS1.1 or 1.2 in previous versions ( 11.2.0.3 or any version behind )

Marked as Answer by user12840908 · Sep 27 2020
user12840908

Thanks Viad Visan! it's very helpful. If you could also please provide a link for 11.2.0.3 or previous version from Oracle.

1 person found this helpful
Vlad Visan-Oracle

11.2.0.4 is the only 11gR2 version that got TLSv1.2 and 1.1 backported from 12c.

In 11.2.0.3 or previous versions, only TLSv1.0 can be used.

1 person found this helpful
1 - 3
Locked Post
New comments cannot be posted to this locked post.

Post Details

Locked on Oct 22 2008
Added on Sep 24 2008
#other-security-apis-tools-and-issues
2 comments
25,987 views