znotte
asked on
jarsigner Certificate chain not found error
Hi,
Is there a way to use my allready generated certificate in a diferent machine, without getting: jarsigner Certificate chain not found error?
Here is the scenario:
I´ve created a digital certificate on my machine (windows 2000), using keytool -genkey, like this:
keytool -genkey -keyalg rsa -alias mycert
Then, with the mycert.csr file, I´ve created the mycert.cer file with my test CA.
Next, I´ve imported the .cer certificate using keytool -import:
keytool -import -keystore .keytore -alias mycert -file studio.cer
And finally signed my jar file:
jarsigner -storepass 123456 -signedjar asso-ja sso.jar mycert
Signing my jar file this way, worked pretty well. But only on one machine.
The problem goes here:
If i try to sign my jar on a DIFERENTmachine, using these steps:
1 - keytool -import -keystore .keytore -alias mycert -file studio.cer
2 - jarsigner -storepass 123456 -signedjar asso-ja sso.jar mycert
I get this error:
jarsigner: Certificate chain not found for: mycert. mycert must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.
Is there a way to use my allready generated certificate in a diferent machine?
The fact that my private key were generated on one machine, hinders it use on others?
Thanks.
Is there a way to use my allready generated certificate in a diferent machine, without getting: jarsigner Certificate chain not found error?
Here is the scenario:
I´ve created a digital certificate on my machine (windows 2000), using keytool -genkey, like this:
keytool -genkey -keyalg rsa -alias mycert
Then, with the mycert.csr file, I´ve created the mycert.cer file with my test CA.
Next, I´ve imported the .cer certificate using keytool -import:
keytool -import -keystore .keytore -alias mycert -file studio.cer
And finally signed my jar file:
jarsigner -storepass 123456 -signedjar asso-ja sso.jar mycert
Signing my jar file this way, worked pretty well. But only on one machine.
The problem goes here:
If i try to sign my jar on a DIFERENTmachine, using these steps:
1 - keytool -import -keystore .keytore -alias mycert -file studio.cer
2 - jarsigner -storepass 123456 -signedjar asso-ja sso.jar mycert
I get this error:
jarsigner: Certificate chain not found for: mycert. mycert must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.
Is there a way to use my allready generated certificate in a diferent machine?
The fact that my private key were generated on one machine, hinders it use on others?
Thanks.
girionis
Have a look here: http://forum.java.sun.com/thread.jspa?threadID=362156&messageID=1520612
ASKER
It seems that I need to use my private key, located in my keystore, if I wanna use the public certificate on other machines.
But imagine that I have hundreds of private keys in my keystore, and I just wanna use one of them. How do I extract a private key from my keystore and tranfer it to a new one?
But imagine that I have hundreds of private keys in my keystore, and I just wanna use one of them. How do I extract a private key from my keystore and tranfer it to a new one?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.