E-WL: Error Importing SSL Certificate using "pskeymanager -import": Error "keytool error: java.lang.Exception: Public keys in reply and keystore don't match"
(Doc ID 864572.1)
Last updated on FEBRUARY 06, 2018
Applies to:PeopleSoft Enterprise PT PeopleTools - Version 8.44 and later
Information in this document applies to any platform.
Trying to import new certificate against existing key alias (i.e. myalias) with pskeymanager.cmd/sh throws the following error:
A wrapper to Sun's keytool for managing keys and certificates.
Default passwords are 'password'
Using default keystore at keystore\pskey
Enter current keystore password [press ENTER to quit]:password
Warning: Your keystore password is set to the default password of
'password'. This is too obvious and should NEVER be used
in a production environment. You can change you keystore
password via the -changekeystorepassword option.
All certificates and keys require an alias that they will be referenced by.
Press ENTER to use local machine name, to exit enter 'QUIT'.
Specify an alias for this certificate [myhost]?myalias
Enter the name of the certificate file to import [press ENTER to quit]:myserver.mydomain.com.cer
keytool error: java.lang.Exception: Public keys in reply and keystore don't match
Import failed. Verify that the Certificate Authority that signed 'myserver.mydomain.com.cer'
has been loaded into your keystore 'keystore\pskey'
To view keystore contents issue 'PSkeymanager -list -keystore keystore\pskey [-v]'
To preview a certificate file issue 'PSkeymanager -previewfilecert -file myserver.mydomain.com.cer'
Or this error may display:
keytool error: java.lang.Exception: Certificate reply does not contain public key for <abc>
Import failed. Verify that the Certificate Authority that signed Concat.cer
has been loaded into your keystore /peopletools/webserv/peoplesoft/keystore/pskey
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document