ok, that helps (I think) as when I generataed the cert it was a
different password. I am looking at this site
(
http://download.oracle.com/javase/6/docs/technotes/tools/solaris/keytool.html#KeyStoreImplementation)
As I said, there are no [extentions] when I use the -list -v with the
new .jks, and when I -printcert with the new cert, I see extentions,
so I as I read, I think I need to try to import them. So when I issue
this command;
keytool -import -alias wfgfcert -file 2011.wfgfcert.cert -keystore gf.jks
Enter keystore password: (enter changeit)
Enter key password for <wfgfcert> (changeit)
keytool error: java.security.UnrecoverableKeyException: Cannot recover key
So, I do think I need to change the password on the cert. I am
reading that page, but do I change it with the keytool --storepass
command?
Man when this is over, I owe you a beer to say the least!
On Tue, Sep 20, 2011 at 12:48 PM, Shing Wai Chan
<shing.wai.chan_at_oracle.com> wrote:
>
>> Started (still using the expiring keytool) and started with no
>> problems. When I changed the config to use the new gf.jks file it
>> failed with the same error. When the cert was 1st created it was
>> something else, but that's when I started the thread and changed the
>> gf.jks password using the keytool.
>
> Note that for each certificate, there is a password.
> It has need to be the same, changeit, in this case.
>
>
>