Topic
  • 3 replies
  • Latest Post - ‏2011-10-19T23:35:04Z by zabalex
gllambi
gllambi
2 Posts

Pinned topic Import pfx into my keystore

‏2011-04-06T21:52:39Z |
Hi!

Does anybody knows how can I import a pfx certificate into a jks keystore? I've been looking at the IKeyman tool and the importkey command but not sure about it:

gsk7cmd -cert -import -file cert.pfx -pw cerpfxpassword -label ssl-server -type pkcs12 -new_label ssl-server-new-label -target my.keystore -target_pw mypasswd -target_type JKS -pfx

thanks in advance!
Guzmán
Updated on 2011-10-19T23:35:04Z at 2011-10-19T23:35:04Z by zabalex
  • SystemAdmin
    SystemAdmin
    2262 Posts

    Re: Import pfx into my keystore

    ‏2011-04-15T07:04:27Z  
    pfx is itself a keystore format, not a certificate.
    See if this or this helps.
  • gllambi
    gllambi
    2 Posts

    Re: Import pfx into my keystore

    ‏2011-04-15T15:36:26Z  
    pfx is itself a keystore format, not a certificate.
    See if this or this helps.
    Hi! thanks for the links and answer

    I tried using jetty library but I had the following error:
    Exception in thread "main" java.io.IOException: Error in loading the keystore: Private key decryption error: (java.security.InvalidKeyException: Illegal key size)
    at com.ibm.crypto.provider.PKCS12KeyStore.engineLoad(Unknown Source)
    at java.security.KeyStore.load(KeyStore.java:1173)
    at org.mortbay.jetty.security.PKCS12Import.main(PKCS12Import.java:95)

    I found that this is because of the restricted security policies:
    - https://www-304.ibm.com/support/docview.wss?uid=swg21307099
    - http://www.ibm.com/developerworks/forums/thread.jspa?messageID=14005859

    So, I downloaded the policy files, but the error persists. This is my java version:

    java version "1.5.0"
    Java(TM) 2 Runtime Environment, Standard Edition (build pxa64dev-20061002a (SR3) )
    IBM J9 VM (build 2.3, J2RE 1.5.0 IBM J9 2.3 Linux amd64-64 j9vmxa6423-20061001 (JIT enabled)
    J9VM - 20060915_08260_LHdSMr
    JIT - 20060908_1811_r8
    GC - 20060906_AA)
    JCL - 20061002

    I found that the files are for jdk 1.4+ is this ok or there other special for jdk 5?

    Thanks in advance!
    Guzmán
  • zabalex
    zabalex
    1 Post

    Re: Import pfx into my keystore

    ‏2011-10-19T23:35:04Z  
    • gllambi
    • ‏2011-04-15T15:36:26Z
    Hi! thanks for the links and answer

    I tried using jetty library but I had the following error:
    Exception in thread "main" java.io.IOException: Error in loading the keystore: Private key decryption error: (java.security.InvalidKeyException: Illegal key size)
    at com.ibm.crypto.provider.PKCS12KeyStore.engineLoad(Unknown Source)
    at java.security.KeyStore.load(KeyStore.java:1173)
    at org.mortbay.jetty.security.PKCS12Import.main(PKCS12Import.java:95)

    I found that this is because of the restricted security policies:
    - https://www-304.ibm.com/support/docview.wss?uid=swg21307099
    - http://www.ibm.com/developerworks/forums/thread.jspa?messageID=14005859

    So, I downloaded the policy files, but the error persists. This is my java version:

    java version "1.5.0"
    Java(TM) 2 Runtime Environment, Standard Edition (build pxa64dev-20061002a (SR3) )
    IBM J9 VM (build 2.3, J2RE 1.5.0 IBM J9 2.3 Linux amd64-64 j9vmxa6423-20061001 (JIT enabled)
    J9VM - 20060915_08260_LHdSMr
    JIT - 20060908_1811_r8
    GC - 20060906_AA)
    JCL - 20061002

    I found that the files are for jdk 1.4+ is this ok or there other special for jdk 5?

    Thanks in advance!
    Guzmán
    Hello Guzmán,

    Have you tried upgrading your java version to 6.0 and/or jdk to 1.6?
    I don't know if that would have any difference, but as far as I know, one of the big components associated with security was updated between versions of 5 & 6.

    If you tried and it works or doesn't work, please let me know.
    Best of luck,
    SEO San Francisco | Psychiatrist San Jose