Create keystore

We have installed 8.0.1. I am trying to configure the certs for https ssl handshake
As per IS Admin guide.

  1. create keystore files using java tool keytool. – created
  2. create keystore alias from IS admin page – this step is failing with the following error

Error: cannot load the keystore for alias ‘keyalias’. Details: attempt to initialize keystore using location(Y:\SoftwareAG8\IntegrationServer\config\certs\XXXX.keystore) failed.

cannot proceed further, please provide guidelines

bsr

Follow up on [url]http://techcommunity.softwareag.com/ecosystem/documentation/webmethods/wmsuite8_ga/Integration_Server_and_Process_Engine/8-0-SP1_Administering_Integration_Server.pdf[/url]

In particular when it talks on page 215 about keyaliases. This means when you create a keystore, you store keypairs using an “alias” name for each. A keystore can have multiple keypairs.

IS needs to know from all the certs, the alias you want to use.

A good open source tool for working with keystores and the keypairs and aliases stored in them is Portecle.

Portecle is quite good for keystores.

Take a look to [url]Home for a more advanced CA tool.

I created a keystore using the keytool. I imported a public .der key into the keystore in the Security → Keystore utility. It is complaining that I don’t have a valid password for one of the aliases (even though I used the alias I provided to the public key in the keystore). I even tried adding the CA into the keystore with another alias. I’ve tried referencing both and while it will allow me to ‘Submit’, it will not list any of the aliases in the keystore. Am I missing something?

It seems to think that the keystore is not valid even though it accepts it. If I use a bogus password it will not accept the entry. But with the correct password it does. Still, it will not display any aliases after the submit button like the documentation says it should.

I’m use also IS 8.0.1. Now I can imported a public .der key into the keystore Using KeyTool, I think that you don’t specify an alias in importing pubic key, I used command as below:
keytool -importcert -alias mypublickey -file mypublickey.der -keystore mykeystore.jks

But I don’t know how import .der private key to keystore, The private key is generated using webMethods’s certificatetoolkit, Please help me

I have resolved the issue, I convert .der private key to pem format using below openssl command, then get key/pair by add public key to priv9.pem,
I import key/pair to keystore by portecle 1.5
openssl pkcs8 -in priv9.der -inform DER -nocrypt -out priv9.pem

Could someone explain what the “get key/pair by add public key to priv9.pem” means? I converted my private key to .pem, but don’t understand the next step.

Keypair contains privatekey.pem and publickey.pem, as below for your reference.

keypair.pem, it content as below:

–Begin Certification—
publickey content
–End Certification—
–Begin Private Certification—
Privatekey content
–End Private Certification—

Hi,

Could anyone please tell me how to add the public key to private key.pem file?


Thanks,
Ambrish.

Did you check the IS8.x Admin documentation that should normally cover this topic?

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.