Ognjen,
> You must use the same keystore and same alias when you:
> 1. generate key,
> 2. generate csr,
> 3. import certificate.
>
> Example:
> keytool -genkey ... -keystore xxx.jks -alias yyy
> keytool -certreq ... -keystore xxx.jks -alias yyy
> and later
> keytool -import -trustcacerts ... -keystore xxx.jks -alias yyy
>
> Same keystore, same alias in all three invocations of keytool.
I took screenshots of my actions in doing these steps above. The only
problem I see is when I created the keystore at first I named it
wcmdev.keystore and now it seems to be named wcmdev.jks . So I have
deleted all keystores and will start from scratch again.
Here is what I have entered for creating keystore and CSR request:
C:\Program Files>cd %JAVA_HOME%
C:\Program Files\Java\jre6>cd bin
C:\Program Files\Java\jre6\bin>keytool -genkey -alias tomcat -keyalg RSA
-keysize 2048 -keystore wcmdev.jks
(I deleted this section)
Enter key password for <tomcat>
(RETURN if same as keystore password):
Re-enter new password:
C:\Program Files\Java\jre6\bin>keytool -certreq -keyalg RSA -alias tomcat
-file wcmdev.csr -keystore wcmdev.jks
Enter keystore password:
When I get the new certificate should I only import the certificate? Or do
I need to import the intermediate and root certificate first?
Thanks,
Justin
******************************************************************************
This email and any files transmitted with it are intended solely for
the use of the individual or agency to whom they are addressed.
If you have received this email in error please notify the Navy
Exchange Service Command e-mail administrator. This footnote
also confirms that this email message has been scanned for the
presence of computer viruses.
Thank You!
******************************************************************************
