Xiaohua Cheng wrote:
>
> So, now keytool can recognize the certificate your OpenSSL generates?
Yes. keytool of JDK 1.3, X509v3 server cert with some extensions.
> It always returns
> "unrecognized format" when I was trying to import certificate generated
> with OpenSSL into the keystore.
Try to convert it to DER format with openssl x509 -outform der to
avoid any format problems.
> I sent the message to user group and nobody
> replied. Could you let me know what you did step by step?
Assuming you already have a valid key store.
keytool -genkey -alias "test"
keytool -certreq -file test.req -alias "test"
openssl ca ... -in test.req -out test.crt
keytool -import -file test.crt -alias "test"
I might have forgotten some options. See keytool -h. It's not that
different from using openssl.
Ciao, Michael.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
