Community Tip - Visit the PTCooler (the community lounge) to get to know your fellow community members and check out some of Dale's Friday Humor posts! X
I am following the instructions here:
Using JDK 1.8_131and Ubuntu 18.04 LTS
I keep getting the error above. I found this article, https://www.ptc.com/en/support/article?n=CS147810, but it requires a maintenance subscription.
Solved! Go to Solution.
The second version is correct. Since you are on Linux, it backslashes are interpreted as escape sequences instead of path delimiters, so the filename becomes incorrect and keytool cannot find it, giving this cryptic error message.
Then, keytool -import asks you for the destination store password, which is cacerts in this case, which is part of the JRE. The default password is changeit, please try it.
Finally, try to export your certificate from the JKS first, i.e.:
keytool -export -alias tomcat9 -file certificate -keystore twkeystore.jks
...and use "certificate" as the filename for keytool -import.
/ Constantine
Hello,
Can you provide the exact commands that you execute? Also make sure you execute it from JDK's bin directory. Ah, and you should probably replace the backslashes with the forward ones...
Regards,
Constantine
With \ slashes
root@thingworx-test:/usr/lib/jvm/jdk1.8.0_131/bin# keytool -import -alias tomcat9 -file "twkeystore.jks" -keystore "..\jre\lib\security\cacerts" Enter keystore password: Re-enter new password: keytool error: java.lang.Exception: Input not an X.509 certificate root@thingworx-test:/usr/lib/jvm/jdk1.8.0_131/bin#
With / slashes
root@thingworx-test:/usr/lib/jvm/jdk1.8.0_131/bin# keytool -import -alias tomcat9 -file "twkeystore.jks" -keystore "../jre/lib/security/cacerts" Enter keystore password: keytool error: java.io.IOException: Keystore was tampered with, or password was incorrect root@thingworx-test:/usr/lib/jvm/jdk1.8.0_131/bin#
I looked at the CA certs using the help on digi and think java is right and the cacerts file is not an X.509 cert.
The second version is correct. Since you are on Linux, it backslashes are interpreted as escape sequences instead of path delimiters, so the filename becomes incorrect and keytool cannot find it, giving this cryptic error message.
Then, keytool -import asks you for the destination store password, which is cacerts in this case, which is part of the JRE. The default password is changeit, please try it.
Finally, try to export your certificate from the JKS first, i.e.:
keytool -export -alias tomcat9 -file certificate -keystore twkeystore.jks
...and use "certificate" as the filename for keytool -import.
/ Constantine
Thanks,
for the next person who comes here, `sudo` is required for the keytool export, or you get the Permission denied.
root@thingworx-test:/usr/lib/jvm/jdk1.8.0_131/bin$ keytool -export -alias tomcat9 -file certificate -keystore twkeystore.jks Enter keystore password: keytool error: java.io.FileNotFoundException: certificate (Permission denied)
Also importkeystore will work.
sudo keytool -importkeystore -srcalias tomcat9 -srckeystore twkeystore.jks -destkeystore "../jre/lib/security/cacerts"
Thanks,
is your documentation publically editable in a github, I can update it if that is possible.