I received a new certificate in crt / cert format. When I open this file in a text editor, it adds a whole chain of certificates to this file. Each certificate begins with:
And ends:
There are no empty lines between the lines. Since I am not interested in openssl , I opened the certificate on Windows and exported the certificate with the full chain in PKCS#7 format (test.p7b). When I open this file, everything looks fine on Windows, and the root, intermediate and certificate are all in the chain.
When I put the test.p7b file on the server and try to import it using keytool as follows:
keytool -import -trustcacerts -alias my.domain.com -keystore my.domain.keystore -keypass changeme -storepass changeme -file test.p7b
I get the following error:
keytool error: java.lang.Exception: Input not an X.509 certificate
When I test the P7B file, I also get errors:
bash-4.1$ openssl x509 -in test.p7b -text unable to load certificate 140009984849736:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:698:Expecting: TRUSTED CERTIFICATE
or
bash-4.1$ openssl x509 -in test.p7b -inform DER -text unable to load certificate 140396587853640:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1320: 140396587853640:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:382:Type=X509_CINF 140396587853640:error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error:tasn_dec.c:752:Field=cert_info, Type=X509
Can someone help me?
source share