Not able to add keystore alias [SOLVED]

Hi,

Am getting error while creating a new keystore alias -

  • Error: cannot load the keystore for alias ‘test’. Details: attempt to initialize keystore using location(/home/wmdev/keystoreT) failed.

Could you please help me in handling this error.

/Naidu

Hi Naidu,
One basic question.
Do you want to add keystore or truststore?

Please explain your requirement. I may help you

Hi There,

Which tool are you using, Keytool or OpenSSL ?
Which format are you going to use ? .jks or any other ?
Did you put the keystore file in the path?

IF you have time, plz go thru Google Code Archive - Long-term storage for Google Code Project Hosting. to get more details and let us know the updates.

Thanks,

Hi Vikas :slight_smile:

My requirement is -

I’m trying to call a external webservice, over https.

My progress on above requirement is -

  1. To create a self signed cert(using a tool) .pfx.
  2. extract the private key and cert from above .pfx
  3. Create the keystore with private key and cert
  4. share only cert with partner
  5. Configure the ws consumer end point alias with keystore of above #3

Now, I’m stuck at #5, I’m not sure if I created the keystore right or not.

P.S: (#3 - Instead of adding an entry in the current keystore, I need to create new keystore as the pwd for the old is lost… any suggestion retrieve the pwd is also helpful :slight_smile: )

Hi as173d,
I can use openssl or keytool. please suggest one which works good with webMethods :slight_smile:

Hi Naidu,

From your requirement it looks like it is two way SSL handshake. If you were able to add private key to keystore then it would have given you some key alias for your key entry.
When i have done that it gave me key alias as “1”.
Now in your consumer service in Auth section you need to enter the value of key alias an keystore alias. It should work.

You were getting error while loading the keystore. It happens most of the time either you have not entered the correct keystore password or did not use the correct keytool command to add private key to keystore.
Following is the command to add private key to keystore.

keytool -importkeystore -srckeystore -srcstoretype PKCS12 -destkeystore

PS: private key must be in PKCS12 format.

Let me know if issue still persist.

1 Like

ya… even I saw this import in several forums…

wondering how to execute it, as all the switches used were unrecognized.

[wmdev@kna-eaidev1 bin]$ keytool -importkeystore -destkeystore /tmp/dummy.jks -srckeystore /tmp/SKANSKA99566189.p12 -srcstoretype PKCS12
Unrecognized command: -importkeystore
Destkeystore
Srckeystore
Srcstoretype

I’m using keytool from location - /home/wmdev/webMethods/jvm/linux160_64/bin

Hi Naidu,
I do not understand why this command is not working for you. I’ve also done it on linux environment using java 1.6 without any issue and without any additional step.just type keytool and press enter and see what all options it tells you.
When i did the same it showed me several options along with the one mentioned below.

-bash-3.2$ keytool
keytool usage:

-importkeystore [-v]
[-srckeystore ] [-destkeystore ]
[-srcstoretype ] [-deststoretype ]
[-srcstorepass ] [-deststorepass ]
[-srcprotected] [-destprotected]
[-srcprovidername ]
[-destprovidername ]
[-srcalias [-destalias ]
[-srckeypass ] [-destkeypass ]]
[-noprompt]
[-providerclass <provider_class_name> [-providerarg ]] …
[-providerpath ]

$ keytool -importkeystore -destkeystore /tmp/dummy.jks -srckeystore /tmp/SKANSKA99566189.p12 -srcstoretype PKCS12

This command is taking keytool form OS java(which is 1.4). When I explicitly specified webMethods 1.6 java path for keytool its working :slight_smile:

Now, its perfectly fine I could create new keystore alias :slight_smile:

Thank you Vikas!

Happy to hear that your issue got resolved… :slight_smile: