I'm getting the following error while signing a client certificate using a CA certificate. I'm able to sign the server certificate, but when I tried to sign the client certificate it gave me "certutil: unable to retrieve key SSLTestDEV: Peer's public key is invalid. certutil: could not obtain certificate from file: Peer's public key is invalid."
I'm using the enterprise edition of Sun Java System Application Server Enterprise Edition 8.1_02 (build b35-p17) on a Solaris server.
[b]ON SERVER MACHINE[/b]
Command I used to create the CA certificate:
/opt/SUNWappserver/appserver/lib/certutil -S -x -1 -2 -5 -m 100 -t "TCu,Cu,Cu" -s "CN=sapp81, OU=bbb.com, O=bbb LTD., L=Mumbai, ST=MA, C=IN" -n SSLTestCA -v 6 -d /var/opt/SUNWappserver/domains/ssl_server/config/
Command I used to create the server certificate using the above CA:
/opt/SUNWappserver/appserver/lib/certutil -S -c SSLTestCA -m 101 -t "Pu,Pu,Pu" -s "CN=ind-mhp1sunz59.bbb.com, OU=bbb.com, O=bbb LTD., L=Mumbai, ST=MA, C=IN" -n SSLTestDEV -v 12 -d /var/opt/SUNWappserver/domains/ssl_server/config
Command I used to extract the CA certificate from the NSS DB:
/opt/SUNWappserver/appserver/lib/certutil -L -n SSLTestCA -r -o SSLTestCA.cert -d /var/opt/SUNWappserver/domains/ssl_server/config
Command I used to change the CA certificate attributes:
/opt/SUNWappserver/appserver/lib/certutil -A -n SSLTestCA -t "CT,C,C" -i SSLTestCA.cert -d /var/opt/SUNWappserver/domains/ssl_server/config
[b]ON CLIENT MACHINE[/b]
I copied the CA certificate to the client server, then I exported the CA certificate to the client NSS DB:
/opt/SUNWappserver/appserver/lib/certutil -A -n SSLTestCA -t "CT,C,C" -i SSLTestCA.cert -d /var/opt/SUNWappserver/domains/ssl_client/config
UP TO THIS POINT IT WORKS FINE.
But when I try to create and sign the client certificate using the following command:
/opt/SUNWappserver/appserver/lib/certutil -S -c SSLTestCA -m 3003 -t "Pu,Pu,Pu" -s "cn=ccc, ou=bbb.com, C=IN" -n SSLClient1 -v 12 -d .
it gives me the following error:
certutil: unable to retrieve key SSLTestCA : Peer's public key is invalid. certutil: could not obtain certificate from file: Peer's public key is invalid.
Can anybody please help me solve this mystery?
[Message sent by forum member 'kuwaronline' (kuwaronline)]
http://forums.java.net/jive/thread.jspa?messageID=323172