VMware Cloud Community
thomps01
Enthusiast
Enthusiast

How do I export my self signed certificate from keystore?

Hi,


I've created a pair of self-signed certificates using the keytool provided with vCloud Director and I now need to export these for use with an F5 load balancer.

Can anyone provide a command to me for exporting the http and consoleproxy certificates from the certificates.ks created with keytool?

Thanks

Reply
0 Kudos
3 Replies
IamTHEvilONE
Immortal
Immortal

Do you mean something like this?

http://docs.oracle.com/javase/tutorial/security/toolsign/step5.html

just make sure to add the parameters for the keystore type.

Best Regards,

Jon Hemming

Reply
0 Kudos
thomps01
Enthusiast
Enthusiast

Hi,


I've tried using the following command as indicated in the link you provided but I receive an error message.

The command I'm using is:

keytool - export -keystore /opt/keystore/ -alias http -file http.cer

Once I enter the password, the following error is shown.

"keytool error: java.lang.IllegalArgumentException: Alias [http] MUST be known to the key store"

The original command I used to generate the keystore for http was this:

keytool -keystore /opt/keystore/certificates.ks - storetype JCEKS - storepass password -validity 365 -genkey -keyalg RSA -alias http

If I try to use the following command which includes the keystore filename, I see a slightly different error.

keytool - export -keystore /opt/keystore/certficates.ks -alias http -file http.cer

The error this time is "keytool error: gnu.javax.crypto.keyring.MalformedKeyringException: incorrrect magic"

Reply
0 Kudos
thomps01
Enthusiast
Enthusiast

I'll reply to my own message because I've finally found the command which works for me.

./keytool -export -storetype JCEKS -storepass password -keystore /opt/keystore/certificates.ks -alias http -file http.cer

Reply
0 Kudos