Keytool issue with version 3.0.2
Djordje Gavrilovic
gavrilovicmdj at gmail.com
Thu May 19 09:52:24 UTC 2022
Hi guys,
I have a following issue with migrating from version 1.1.1f to 3.0.2:
I generate bmstore.pkcs12.pem file with the following commands:
```
openssl req -newkey rsa:2048 -sha1 -keyout bmstore.pkcs8.pem -nodes
-x509 -days 999 -out bmstore.x509.crt -subj
"/C=DE/ST=Nsk/L=Nsk/O=BM/OU=BM/CN=AS"
openssl pkcs12 -export -in bmstore.x509.crt -inkey bmstore.pkcs8.pem
-out bmstore.pkcs12.pem -passin pass:changeit -passout pass:changeit
```
This file is genearted with different openssl versions differently. Both
versions of the file are attached.
Based on that file I generate:
```
keytool -importkeystore -srckeystore bmstore.pkcs12.pem -srcstoretype
PKCS12 -srcstorepass changeit -destkeystore bmstore.pkcs8.x509.jks
-deststorepass changeit
```
But keytool works only with the bmstore.pkcs12.pem generated with old
version of openssl and creates bmstore.pkcs8.x509.jks
The current version of openssl generates bmstore.pkcs12.pem in another
format and keytool throws an exception:
```
Importing keystore bmstore.pkcs12.pem to bmstore.pkcs8.x509.jks...
keytool error: java.io.IOException: keystore password was incorrect
```
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pem_files.zip
Type: application/zip
Size: 5825 bytes
Desc: not available
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20220519/2c7e769f/attachment-0001.zip>
More information about the openssl-users
mailing list