How to import a CA certificate

I did implement some software using the Java SSL extension. It works when installing each certificate as trusted.
Now I want to use the existing internal CA infrastructure. I did a certification request, got the answer and tried to import it into my keystore.
I got the error
keytool error: Failed to establish chain from reply
Seems logical to me, as the signing CA is not known by default. I think I have to import the CA certificate into Javas "cacerts". But when trying this, I got the following error:
keytool error: Signature not available
Whats that??? Of course there is no signature available, it is the CA certificate. I compare the fingerprint of the certificate manually and it is OK. How to I import it into cacerts?
Cheers...Urs

OK, I solved that one.
The problem was that the JDK1.2 keytool seems not being able to deal with RSA signatures, however the JDK1.3 one works ok.
I'll do the key management with JDK1.3.
Cheers...Urs

Similar Messages

  • How to import a Root Certificate Authority for signing

    How can I import a Root Certificate Authority in order to use it with Certificate Assistant as a CA to sign other certs?
    I have the CA cert imported in keychain along with it's associated private key (from a .p12), it's got the gold icon and is recognized as a Root certificate authority, yet Certificate Assistant will not list it as an available Root CA in the "Set Default CA" action dialog, the "Add..." dialog seems only interested in a ".certAuthorityConfig" plist file.
    Do I have to generate a certAuthorityConfig for the CA? I can't seem to find a way to do that. No clues from certtool & security CLI utils even.
    Any info/leads on how to get this to work would be much appreciated.
    Regards,
    -david

    Hi Alex,
    From ACE perspective, it doesn't make differences if you are using certificates issued by your local or a "well known" CA. Moreover, if not mistaken, you have to configure authentication group whatever you are doing client or server authentication.
    http://www.cisco.com/en/US/partner/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA4_1_0/configuration/ssl/guide/certkeys.html#wp1043643
    Thanks,
    Olivier

  • How to import Root CA certificate (Firefox 22)on windows using certutil? what are the dlls required?

    I was using certutil from my application to import root CA certificate, but it it started complaining about missing dlls after Firefox 18. What are the dlls required.
    It will be appreciable if some one can give the code of Firefox (What they use), to import root CA certificates.
    Thanks

    I found the following with a google search. Hope it helps.
    *https://support.mozilla.org/questions/955513 How to add a private SSL root certificate authority
    *https://support.mozilla.org//questions/952035 Where can I download certutil.exe and the NSS Utils for Windows
    *https://www.felixrr.pro/archives/165/mozilla-nss-utils-with-nspr-compiled-for-download
    *http://wiki.cacert.org/FAQ/BrowserClients#Mozilla_Firefox

  • How to import Verisign Intermediate certificate (char 2) with Oracle Wallet 10.1.0.5

    Hi,
        Recently I renewed a Verisign Certificate using Oracle Wallet 10.1.0.5 but could not apply one of the intermediate certificates (char2 encryption?).  The error message is : "Some trusted certificates could not be installed:. Does anyone have a solution to this problem?  A technician at Verisign told me that I need to contact Oracle for a patch.  Is there such a patch for Oracle Wallet version 10.1.05?
        Please help and thanks!
    Jim.

    Hi Jim,
    Which certificate did you get renewed ? root certificate or a user certificate and is it using the same CSR or did you request it via a new CSR (certificate signing request)
    Looks like the certificate chain is breaking when you are trying to import the intermediate certificate. The certs has to be imported in a order (root , intermediate and then user)
    Below doc can help you to some extent:
    How to Replace an Expired or Expiring Certificate in Wallet Manager in Oracle AS 10g and FMW 11g (Doc ID 303299.1)
    Thanks,
    Sharmela

  • Importing public key certificate from external application

    Hello!
    I am trying to implement the following scenario:
    1. External client application sends it's public key certificate to SAP WAS
    2. SAP imports this certificate into its PSE
    3. External client application sends digitally signed messages to SAP (with <i>secKey</i> HTTP call parameter)
    4. SAP checks this signature and does whatever further action.
    For simplicity reason, I emulated this "external app" by using the ArchiveLink interface of the very same SAP system. So, I have one system which is at the same time client and server, but the communication works via HTTP.
    I started with step 1: The ArchiveLink (in my case "external app") uses the function SCMS_HTTP_PUT_CERT to send the public key certificate to the client via HTTP. It worked well - I received the message with HTTP service and it contained some binary content as expected (valid public key certificate - I suppose).
    Unfortunately, I was unsuccessfull with step 2: How to import the received certificate into my PSE?
    I debugged the STRUST transaction and saw that it uses the function SSFP_PUTCERTIFICATE to import public key certificate into SAP's own PSE. However, when I try to use it, I get error <i>No temporary PSE available</i>. I also tried to <i>encode-base64</i> this message with the same result. What does this mean?
    Does anyone has experience with this? Please share it.
    Thanks in advance and kind regards,
    Igor

    The key point was understanding the cleverly named parameter PROFILE in the function SSFC_PUT_CERTIFICATE. You'd never guess: it's a path to a PSE where you want to put the certificate, in my case: C:\usr\sap\NSP\DVEBMGS00\sec\SAPSYS.pse. There's one more step: updating database with the file system PSE.
    So, the test sequence that works is:
    1. SSFP_GETSAPCERTIFICATE
    2. SSFC_PUT_CERTIFICATE
    3. SSFPSE_STORE
    Regards,
    Igor
    P.S. Am I the only one playing with these things? I keep getting 0 replies to my questions.

  • About import externel server certificate in PI SR3

    HI expert !!
    I ready connect soap to soap scenarios,but it need to ssl protocol,please tell me how to import external server certificate authentication in PI,thanks !!!

    Hi,
    Through Visual administrator window we need to import external certificates (private key, public key, singature key and root key).  Once certificates are upload automatically we can get those certificates in PI window.
    For more information find below links
    Security Guide
    http://help.sap.com/saphelp_nw04/helpdata/en/f7/c2953fc405330ee10000000a114084/frameset.htm
    SSL Configuration
    http://help.sap.com/saphelp_nw04/helpdata/en/14/ef2940cbf2195de10000000a1550b0/frameset.htm
    SSL config pdf
    https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/964f67ec-0701-0010-bd88-f995abf4e1fc
    https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/23894238-0701-0010-40b0-a0a6d5c4ad9f?prtmode=navigate
    SSL Message level security
    https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d024ca8e-e76e-2910-c183-8ea4ba681c51

  • How do I import a renewed certificate to the other DAG members?

    Hi
    I have just run through the process of renewing an internal certificate on one of our Exchange 2010 servers.  I requested a renewal, ran through the wizard on the internal CA, then completed the process on the Exchange server.  I have
    assigned services to the new certificate and it looks ok in the EMC.  Now I need to import the same certificate to our 2 other Exchange servers but I don't see how.  if I use the Import Certificate wizard it asks for a private key which I don't have. 
    Is there a way to import the same certificate or do I have to submit a request from each server (that doesn't sound right to me).
    Cheers

    Hi,
    Here are the steps to export the certificate with Private Key and import it.
    http://msexchangeguru.com/2013/06/29/import-cert-e2013/
    Kottees :My Blog Please mark it as an answer if it really helps you.

  • How to import a certificate in OHS

    Hi,
    We have WebLogic 10.3.5 and SOA 11g installed which is front end by OHS. We have outside vendor that hit OHS and then OHS does the routing to web logic and SOA. Vendor have provided a certificate that we need to import into OHS. Wanted to find out how to import a certificate in OHS. Any help is appreciated.
    Thanks

    http://docs.oracle.com/cd/E21764_01/web.1111/e10144/getstart.htm#HSADM860

  • How to import a Verisign SSL Certificates into WebAccess

    I attempted tp follow the Novell TID:
    How to Import a CSR generated by GWCSRGEN (10091564).
    Whenever I attempt an import according to the above TID, I get the following error message 'Failed to store the root certificate into the object VeriSignCert.xxxxx.xxx.xxx. Returned error code is -1,240.
    The Novell Certificate Server Snap-In to Netware Administrator or Console One could not parse the certificate or extract the mandatory elements from the certificate.

    FilosaD,
    It appears that in the past few days you have not received a response to your
    posting. That concerns us, and has triggered this automated reply.
    Has your problem been resolved? If not, you might try one of the following options:
    - Visit http://support.novell.com and search the knowledgebase and/or check all
    the other self support options and support programs available.
    - You could also try posting your message again. Make sure it is posted in the
    correct newsgroup. (http://forums.novell.com)
    Be sure to read the forum FAQ about what to expect in the way of responses:
    http://forums.novell.com/faq.php
    If this is a reply to a duplicate posting, please ignore and accept our apologies
    and rest assured we will issue a stern reprimand to our posting bot.
    Good luck!
    Your Novell Product Support Forums Team
    http://forums.novell.com/

  • How to import a password protected p12 certificate to keystore?

    Hi all,
    I am new in java security programming.
    And I got something very urgent need your help..
    How to import a password protected p12 certificate to keystore programmatically?
    Does anyone have sample codes on this issue?
    thanks very much
    Wyan

    Hi omslion,
    I responded to a similar post from you (and moved it to the Acrobat forums). Password protecting a file requires Adobe Acrobat. You are welcome to download a free 30-day trial of Acrobat. For more information, see www.adobe.com/products/acrobat.html.
    Best,
    Sara

  • How to import a certificate  verify.der.cer to enable SSO

    How to import a certificate  verify.der.cer to enable SSO

    Hi Chitrangada,
    You havent mentioned if you need to configure SSO between which two systems. However, assuming that you are configuing the access of an ABAP system from a portal, you can import the verify.der file in TA STRUSTSSO2.
    The entire procedure is available at:
    http://help.sap.com/saphelp_nw70/helpdata/en/12/9f244183bb8639e10000000a1550b0/frameset.htm
    Hope it helps!
    Best Regards,
    Srividya.R

  • Is there a way to automate the installation/importing of a certificate. I know how to import on manually, but I need a way to import one via a script. How can I do this?

    I am looking for a way to import a certificate into FireFox 4.0.1 on XP. I know how to import them manually under tools>options, but I need a way to script the import process using something like a certutil for FF. Has anyone done this before? I need to hit several hundred workstations. Thanks for your time, suggestions and assistance.

    Thank you, that was perfect!
    Yoni

  • How to Import Self-signed SSL server certificates in Adobe AIR applications

    Hi,
    I am using secure AMF endpoints for remote object communication from AIR client.
    since i am using a self signed SSL certificate on the server, i am getting a certificate warning message on the AIR client, when ever a remote call is done.
    Is there any mechanism to import the server certificate in AIR application..?
    Please provide suggestions.
    Thanks

    I have the same issue along with repeated prompts to accept cert when I am just trying to access the page internally on my network.. Any help here RIM????????

  • Unable to import the user certificate into the Oracle Wallet Manager

    Hi,
    I am configuring the External Authentication plugin using the password filters.
    i am using the version 10.1.0.5.0 version of Oracle Wallet manager
    inorder to do that i am enabling the SSL mode.
    to enable the SSL mode i followed the some steps in OWM and OCA admin and user console.
    when i approved a certificate as admin and importing to the Oracle Wallet Manager, i got an error that
    User Certificate Installation failed.
    Possible errors:
    - Input was not a valid certificate
    - No matching certificate request found
    - CA certificate needed for certificate chain not found.
    Please install it first
    can anyone help me how to resolve this problem.

    hi,
    thanks for your reply pramod
    I tried to import the two certificate files(rootca.crt and server.crt). but i am got the same error.
    what may be the problem.

  • How do I remove the certificat error everytime I try to access the Cisco Unified CM Administration web-page?

    Hi,
    Every time I want to have access to the Cisco Unified CM Console (System version: 7.0.1.11000-2), I use the https://10.10.x.x/ccmadmin/showHome.do homepage on my client computer, but when I open the page, I get a SSL certificate error, stating no trust to this webpage security certificate and if I those "continue to this page (not recommended)", I get access to the Cisco Unified CM Console web page.
    I have tried to add the https://IP-adress to secure web pages in Internet Explorer 7, but this to no avail, it does not help.
    How do I add this certificate to a trusted something, so I do not get this warning every time I open the page?
    Kind regards,
    Carl-Marius

    Hi Michael,
    It worked when I change the IP-address to the name that was written in the certificate, and imported the certificate to Internet Explorer.
    Thank you for your fast and very precise help!
    Kind regards,
    Carl-Marius

Maybe you are looking for

  • Connection problem with LDAP

    Hi, Is it possble to connect 10g version of database using LADAP from forms 6i ? Thanks Bcj

  • Display languages

    Hi all, I have a new netweaver 7.0 with BI installation running on a sandbox server.  Everything seems to be running fine.  Logon languages work fine for me when using BeX web, protal, or other CRM, etc functions. However when I login and use the Pla

  • Is it possible to run an iPhone and an iPod off of one iTunes account?

    Is it possible to run an iPhone and an iPod off of one iTunes account?  I want to buy an iPhone but I also want to use my Ipod Touch

  • How to Add column with default value in compress table.

    Hi , while trying to add column to compressed table with default value i am getting error. Even i tried no compress command on table still its giivg error that add/drop not allowed on compressed table. Can anyone help me in this . Thanks.

  • Adding an extra line in the table control

    Hi All, How can we add an extra record in the table control after the user hits ADD button?We tried doing it by incrementing the lines field in the table control,but it is executing the PBO part again after hitting the ADD button.Any SAP standard pro