Hi everyone, I'm attempting to store my pre-existing RSA key/certificate into a Java keystore using the extkeytool. I got my server certificate signed by the Bossie CA, which is a CA that issues certificates for nothing more then testing purposes. When I run the command ""extkeytool -importkey -alias reto -keyfile C:\pki\reto.key.pkcs8 -keystore C:\pki\reto.jks -storepass KEYSTOREPASS -provider org.bouncycastle.jce.provider.BouncyCastleProvider -certfile C:\pki\reto.crt", I get the following error message:"Incomplete certificate chain. Cannot Perform Operation: Incomplete cerficate chain.". >From what I've read about the Java keystore facility, I need to have my server certificate signed with the full chain up to to the root CA certificate and consist of a certificate bundle file. This file should include a series of PEM-encoded X509 certificates representing a complete trust chain, from the root CA certificate to the certificate that matches my private key. My question is how do I go about signed up with the full chain up to the root CA certificate? How do I go about getting the CA signer certificate (which in this case would from Bossie) since all I received when I got my certificate request signed is my own server certificate. Any sort of help would be greatly appreciated. Cheers.
<<attachment: winmail.dat>>
