Importing a pre-existing RSA key/certificate into a Java keystore.

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Importing a pre-existing RSA key/certificate into a Java keystore.

Sanjay Vivek
Hi everyone,
I'm attempting to store my pre-existing RSA key/certificate into a Java
keystore using the extkeytool. I got my server certificate signed by the
Bossie CA, which is a CA that issues certificates for nothing more then
testing purposes. When I run the command ""extkeytool -importkey -alias reto
-keyfile C:\pki\reto.key.pkcs8 -keystore C:\pki\reto.jks -storepass
KEYSTOREPASS -provider org.bouncycastle.jce.provider.BouncyCastleProvider
-certfile C:\pki\reto.crt", I get the following error message:"Incomplete
certificate chain. Cannot Perform Operation: Incomplete cerficate chain.".
From what I've read about the Java keystore facility,  I need to have my
server certificate signed with the full chain up to to the root CA
certificate and consist of a certificate bundle file. This file should
include a series of PEM-encoded X509 certificates representing a complete
trust chain, from the root CA certificate to the certificate that matches my
private key. My question is how do I go about signed up with the full chain
up to the root CA certificate? How do I go about getting the CA signer
certificate (which in this case would from Bossie) since all I received when
I got my certificate request signed is my own server certificate. Any sort
of help would be greatly appreciated. Cheers.


winmail.dat (2K) Download Attachment