Sun Java keytool importing EV certificates into a single keystore

Posted by ss0 on Server Fault See other posts from Server Fault or by ss0
Published on 2010-07-14T21:24:14Z Indexed on 2011/01/17 10:54 UTC
Read the original article Hit count: 254

At my current job we are using tomcat, customers have custom web portals setup on their own local machines. EV certs are new to me, they have 2 part intermediary and a primary certificate. For our product to work it appears I need to get all three parts installed under a single keystore entry. How can I roll all three parts into a single x.509 compliant file for import?

They syntax I am using is as follows:

/blah/system/j2sdk/bin/keytool -import -alias foo -keystore /zix/system/jdk1.5.0_06/jre/lib/security/cacerts -file certname.pem -trustcacerts

where foo = the keystore name and certname.pem is the main cert.

I have tried importing the intermediate certs under their own names into the keystore and I don't know if it's just the product I have to work with (not vanilla tomcat) or what but it doesn't see those. I have seen a working system and all three certs were under the single keystore alias. Anyone have any ideas?

© Server Fault or respective owner

Related posts about tomcat

Related posts about java