Announcement Announcement Module
Collapse
No announcement yet.
Embedded tcServer local ssl cert cannot be imported to keystore on ubuntu 11.10 64bit Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Embedded tcServer local ssl cert cannot be imported to keystore on ubuntu 11.10 64bit

    I was attempting to setup Spring Security to use CAS for single signon. The instructions require a certificate to be installed in the local keystore. After building a tcServer profile based on the bio and bio-ssl templates, i attempted to install the tcserver.keystore into my local keystore and all attempts fail for the following exception:

    OS: Ubuntu 11.10 64-bit
    JDK: OpenJDK 1.6

    Code:
    $ keytool -v -import -file conf/tcserver.keystore -storepass password
    keytool error: java.lang.Exception: Input not an X.509 certificate
    java.lang.Exception: Input not an X.509 certificate
    	at sun.security.tools.KeyTool.addTrustedCert(KeyTool.java:1983)
    	at sun.security.tools.KeyTool.doCommands(KeyTool.java:866)
    	at sun.security.tools.KeyTool.run(KeyTool.java:194)
    	at sun.security.tools.KeyTool.main(KeyTool.java:188)
    From the research that I have done, it appears this is due to a space at the end of the tcserver.keystore file.

    Here is the result of listing that cert on my platform:
    Code:
    $ keytool -v -list -keystore conf/tcserver.keystore 
    Enter keystore password:  
    
    Keystore type: JKS
    Keystore provider: SUN
    
    Your keystore contains 1 entry
    
    Alias name: tcserver
    Creation date: Nov 24, 2008
    Entry type: PrivateKeyEntry
    Certificate chain length: 1
    Certificate[1]:
    Owner: CN=tcServer Developer/Admin, OU=Engineering/Operations, O=Springsource Inc, L=San Mateo, ST=CA, C=US
    Issuer: CN=tcServer Developer/Admin, OU=Engineering/Operations, O=Springsource Inc, L=San Mateo, ST=CA, C=US
    Serial number: 492b58ca
    Valid from: Mon Nov 24 20:45:46 EST 2008 until: Thu Nov 22 20:45:46 EST 2018
    Certificate fingerprints:
    	 MD5:  DF:82:FC:6C:55:75:3B:47:D1:21:2B:C5:3B:B6:39:3E
    	 SHA1: B9:E9:84:08:B2:5E:B1:2A:D6:F4:0A:43:06:28:D6:2C:3F:BD:0D:E9
    	 Signature algorithm name: MD5withRSA
    	 Version: 1
    
    
    *******************************************
    *******************************************

  • #2
    Hey!

    I moved this into the tc Server group, guess more people in this group are aware of the details behind this certification installation problem...

    HTH,
    Martin

    Comment

    Working...
    X