How to Remove Expired Certificates within the Keytool Database Bundled with Secure Global Desktop to Resolve 'java.lang.Exception: Certificate not imported, alias already exists' Exceptions
(Doc ID 1022246.1)
Last updated on JANUARY 30, 2022
Applies to:Oracle Secure Global Desktop - Version 4.4 to 5.2 [Release 4.0 to 5.0]
Oracle WebCenter Content - Version 220.127.116.11.0 to 18.104.22.168.0 [Release 12c]
While working through the documented instructions for securing webservices (SOAP) using x.509 security certificates within a Secure Global Desktop (SGD) deployment, the administrator may receive the following error from the keytool command:
This error is reported by the Java keytool, a bundled utility included with the Secure Global Desktop product that is employed by the tomcat server to secure SOAP communications for the web services interface. This condition is most likely encountered while the administrator is replacing previously installed security certificates that have expired with updated certificates—potentially leading to a naming collision for each server in the array.
To resolve the issue, the administrator will need to identify any expired certificates that have been assigned to that host alias within the keytool database, and remove them. This article explains how this is done.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!