Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

keytool error: java.lang.Exception: Input not an X.509 certificate

I am trying to import Gmails smtp certificate for use with Jira, but I get this error when importing using Javas keytool.

I used openssl to get the certificate, everything between ----Begin Certificate---- and ----End Certificate---- (inclusive). I also attempted to create an x.509 certificate using Windows Certificate Manager, but still get this error. I have verified that there are no extra whitespaces in the file.

I have seen many people with this problem online, but none of the solutions seem to work for me. Any help would be appreciated.

Thanks

like image 348
dbbooh01 Avatar asked Aug 10 '10 13:08

dbbooh01


People also ask

How do I fix Keytool error?

Resolution. Place the signed certificate into the directory (<drive>\vontu\jre\bin) with the . keystore file. Note: Make sure that no extra lines, spaces, trailing carriage returns, or characters have been inadvertently added, or the file will not work.

What does an x509 certificate contains?

An X. 509 certificate contains an identity and a public key. It binds an identity -- such as an individual or hostname -- to a public key with a digital signature. The signature is either made by a trusted certificate authority (CA) or is self-signed.


2 Answers

openssl x509 -outform der -in foo.pem -out foo.der

Then use the DER-encoded output certificate.

like image 51
Borealid Avatar answered Oct 25 '22 14:10

Borealid


The answer is correct but be sure to INCLUDE the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- in the copy/paste. This command will then work:

openssl x509 -outform der -in gmail.pem -out gmail.der

and then you do:

sudo keytool -import -file gmail.der -keystore $JAVA_HOME/jre/lib/security/cacerts -trustcacerts
like image 25
Robert Glover Avatar answered Oct 25 '22 15:10

Robert Glover