CKB:The requested public SSL certificate cannot be imported

Aus Cryptshare Documentation
Version vom 14. Januar 2022, 13:35 Uhr von Maintenance script (Diskussion | Beiträge) (Imported from text file)
(Unterschied) ← Nächstältere Version | Aktuelle Version (Unterschied) | Nächstjüngere Version → (Unterschied)
Wechseln zu:Navigation, Suche


Applies to:

All versions of Cryptshare Server

Symptom:

The requested SSL certificate cannot be imported into the keystore with the following error:

  • English: Could not establish trust for the CA Reply.
  • German: Vertrauenskette für die CA Antwort konnte nicht erstellt werden.

9207982.png

Cause:

The information in the SSL certificate from the CA doesn't match the information in the sent CSR.

Solution:

Export the private key from the keystore used for the creation of the CSR file and import it together with the requested SSL certificate into a new keystore.

  1. open the existing keystore used for the generating of the CSR file

2. klick with the right mouse button on the entry in the keystore 3. open the menu entry 'Export --> Export Private Key' 9207984.png 4. save the private key in OpenSSL format to your local machine 9207985.png 9207986.png 5. create new Java-Keystore of type JKS 9207974.png 9207973.png 6. impot the available SSL certificate 9207972.png 7. select the certificate format, e.g. pkcs12 (.pfx) or OpenSSL (.crt, .cer, .pem) 9207989.png 9207991.png 9207992.png 8. import and check the certificate chain 9207970.png 9207969.png 9207968.png 9. save the keystore 9207967.png 10. use the default password 'CA0AZhuFM4NogQh', to save the Keystore 9207966.png 11. install the created keystore on the Cryptshare server Setting up an SSL Certificate#InstallingtheKeystoreontheCryptshareServer

Abgerufen von „https://documentation.cryptshare.com/w/index.php?title=CKB:The_requested_public_SSL_certificate_cannot_be_imported&oldid=16122