Cannot import certificate into java control panel

java ssl import certificate
10,645

keytool -certreq creates certificate request also known as PKCS#10, which should be provided to Certificate Authority to get a real certificate. Then you upload it to the tool, which expects certificate.

From these lines in the stacktrace

at java.security.KeyStore.load(Unknown Source)
at com.sun.deploy.panel.CertificatesDialog.importPKCS12Certificate(Unknown Source)

I can tell that UI actually expects keystore in PKCS#12 format with certificate inside, not just a separate certificate.

This is how you can generate a keystore with self-signed certificate with a keytool

keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks \
  -storepass password -validity 360 -keysize 2048

However, this will create keystore in JKS format and that have to be converted to PKCS#12 format with a command

keytool -importkeystore -srckeystore keystore.jks -srcstoretype JKS \
  -deststoretype  PKCS12 -destkeystore keystore.p12

or alternatively keystore can be created in PKCS#12 format with specifying -storetype

keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.p12 \
  -storetype pkcs12 -storepass password -validity 360 -keysize 2048

Note that the keystore contains self-singed certificate together with the corresponding private key.

Share:
10,645

Related videos on Youtube

Raymond Holguin
Author by

Raymond Holguin

Updated on September 15, 2022

Comments

  • Raymond Holguin
    Raymond Holguin over 1 year

    I am trying to import a self-signed certificate into the trusted certificates in the java control panel. it is under the security tab-> Manage Certificates. No matter how simple the password is i set on the keystore, the import program always tells me my password is invalid after i type it in. I have also tried changing the certificate type but no luck..li tried all of them. Here are the simple steps i used to create my files

    keytool -genkey -keyalg RSA -keysize 2048 -keystore test_keystore.jks -alias test

    Then I generate my CSR file which the java control panel takes as an input

    keytool -certreq -alias test -keystore test_keystore.jks -file test_certificate_request.csr

    Since this is just a test, the passwords I am setting are super simple so its not an issue of using the wrong password or typing it incorrectly. Yet every time i import the test_certificate_request.csr file i created it it tells me invalid password.

    In case it matters, here is the full strack trace generated from the import program when i click on the "more information" button.

    java.io.IOException: toDerInputStream rejects tag type 45
at sun.security.util.DerValue.toDerInputStream(Unknown Source)
at sun.security.pkcs12.PKCS12KeyStore.engineLoad(Unknown Source)
at java.security.KeyStore.load(Unknown Source)
at com.sun.deploy.panel.CertificatesDialog.importPKCS12Certificate(Unknown Source)
at com.sun.deploy.panel.CertificatesDialog.importButtonActionPerformed(Unknown Source)
at com.sun.deploy.panel.CertificatesDialog.access$200(Unknown Source)
at com.sun.deploy.panel.CertificatesDialog$4.actionPerformed(Unknown Source)
at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
at java.awt.AWTEventMulticaster.mouseReleased(Unknown Source)
at java.awt.Component.processMouseEvent(Unknown Source)
at javax.swing.JComponent.processMouseEvent(Unknown Source)
at java.awt.Component.processEvent(Unknown Source)
at java.awt.Container.processEvent(Unknown Source)
at java.awt.Component.dispatchEventImpl(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Window.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
at java.awt.EventQueue.access$200(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue$4.run(Unknown Source)
at java.awt.EventQueue$4.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
at java.awt.WaitDispatchSupport$2.run(Unknown Source)
at java.awt.WaitDispatchSupport$4.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.awt.WaitDispatchSupport.enter(Unknown Source)
at java.awt.Dialog.show(Unknown Source)
at java.awt.Component.show(Unknown Source)
at java.awt.Component.setVisible(Unknown Source)
at java.awt.Window.setVisible(Unknown Source)
at java.awt.Dialog.setVisible(Unknown Source)
at com.sun.deploy.panel.SecurityPanel.certsBtnActionPerformed(Unknown Source)
at com.sun.deploy.panel.SecurityPanel.access$300(Unknown Source)
at com.sun.deploy.panel.SecurityPanel$4.actionPerformed(Unknown Source)
at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
at java.awt.AWTEventMulticaster.mouseReleased(Unknown Source)
at java.awt.Component.processMouseEvent(Unknown Source)
at javax.swing.JComponent.processMouseEvent(Unknown Source)
at java.awt.Component.processEvent(Unknown Source)
at java.awt.Container.processEvent(Unknown Source)
at java.awt.Component.dispatchEventImpl(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Window.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
at java.awt.EventQueue.access$200(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue$4.run(Unknown Source)
at java.awt.EventQueue$4.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.run(Unknown Source)

    What am i doing wrong?

  • Raymond Holguin
    Raymond Holguin about 10 years
    Thanks worked perfectly. The input file on the import program lists both p12 and csr files as valid inputs, so its strange that only p12 files work.
  • divanov
    divanov about 10 years
    This is actually a very good question, because normally certificates have .cer or .crt extensions.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

need help Debugging SSL handshake in tomcat
How to disable certificate validation in java
Jenkins using JNLP behind nginx SSL reverse proxy
openssl p12 generation failing with CA bundle chain option
Import Java Trusted Certificate to JRE
Windows 7 will not install a root certificate
Clearing Java certificates cache (force reload certificates)
Java "sun.security.validator.ValidatorException: PKIX path building failed" certificate validation error
Thread-6, RECV TLSv1 ALERT: fatal, handshake_failure
JAVA - Simple GET request, using SSL certificate and HTTPS