IC5Notice: We have upgraded developerWorks Community to the latest version of IBM Connections. For more information, read our upgrade FAQ.
Topic
  • 5 replies
  • Latest Post - ‏2012-12-18T12:48:28Z by JPdev
CHRpp
CHRpp
1 Post

Pinned topic keytool error: java.io.IOException: Invalid keystore format

‏2012-03-02T08:10:35Z |
I'm creating my own Certificate Authority. I tried it once in my server using openssl and then keytool. It ran perfectly the first time. But when I did it again on the same server I got this error when I tried to import the CA using the command

keytool -import -alias CHRM -file chrm.crt -keystore chrm.crt -storepass changeit

Can anyone help me? Do I need to reinstall the Linux OS to refresh everything?
Updated on 2012-12-18T12:48:28Z at 2012-12-18T12:48:28Z by JPdev
  • seohulu
    seohulu
    3 Posts

    Re: keytool error: java.io.IOException: Invalid keystore format

    ‏2012-03-02T19:34:11Z  
    This might be a common mistake for importing CA, you are using a keytool which is not coming from $JAVA_HOME.Therefore, u can try this command instead.

    $JAVA_HOME/bin/keytool -import -alias CHRM -file chrm.crt -keystore chrm.crt -storepass changeit

    Acoolme:Anybody Can Be Your Marketer
  • michaeljordan846
    michaeljordan846
    1 Post

    Re: keytool error: java.io.IOException: Invalid keystore format

    ‏2012-09-06T05:37:23Z  
    I was able to reproduce the error by mangling the trusted.certs file at directory

    C:\Documents and Settings\CDay\Application Data\Sun\Java\Deployment\security.

    Deleting the file fixed the problem.

    I am not 100% sure but 99% This will help you!

    by - eSparkInfo
  • JPdev
    JPdev
    18 Posts

    Re: keytool error: java.io.IOException: Invalid keystore format

    ‏2012-09-06T11:46:32Z  
    Hello,
    When you want to import a CA certificate, first the alias must not exist
    into your keystore file and you must use -trustcacerts with your command.

    as your command must be
    keytool -import -trustcacerts -alias CHRM -file chrm.crt -keystore chrm.crt -storepass changeit
    then if needed you can import the certificate signed by this CA.

    Hope this help you.
  • SystemAdmin
    SystemAdmin
    2262 Posts

    Re: keytool error: java.io.IOException: Invalid keystore format

    ‏2012-12-18T10:04:47Z  
    I was able to reproduce the error by mangling the trusted.certs file at directory

    C:\Documents and Settings\CDay\Application Data\Sun\Java\Deployment\security.

    Deleting the file fixed the problem.

    I am not 100% sure but 99% This will help you!

    by - eSparkInfo
    Thanks Michael,it really working.
  • JPdev
    JPdev
    18 Posts

    Re: keytool error: java.io.IOException: Invalid keystore format

    ‏2012-12-18T12:48:28Z  
    Thanks Michael,it really working.
    Well,
    of course deleting the file works, but it is the same and better to delete first the alias
    from the keystore and then reinstall it.

    JPdev