keytool cannot import certifiate - failed to establish chain from reply
Take a look at the option -trustcacerts, if your CA is listed in the truststore. Additionally you may have to add the CA's intermediate certificates to your keystore, first.
Nikola Kolev
Team player with great positive influence on people and strong leadership skills. Believes in an "one for all and all for one" vision for building a team. Software engineer with 10 years experience. Java enthusiast with tons of knowledge in back-end and recently in cutting-edge front-end as well. A reliable professional used to work under pressure with enthusiastic "can-do" attitude focused on delivering high quality products.
Updated on November 25, 2020Comments
-
Nikola Kolev over 3 years
I would really appreciate if someone could shed some light on the following issue. I have read the keytool documentation but could not find any hint regarding what could be the problem here.
I created a keystore
keytool -genkey -alias privateKeyName -keyalg RSA -keystore privateKeyName.jks -validity 720 -keysize 1024
I created a certificate request
keytool -certreq -alias privateKeyName -keystore privateKeyName.jks -file certReqFileName.csr
After the signing authority gave me the .cer file, I tried to import it with
keytool –import -alias privateKeyName -file certReqFileName_t_f.cer -keystore privateKeyName.jks
Import fails with
keytool error: java.lang.Exception: Failed to establish chain from reply
I have been stuck on this for some time now so any help would be awesome. Thanks.