Message-Id: <199908040137.SAA01205@laguna.eng.sun.com>
Date: Tue, 3 Aug 1999 18:37:05 -0700 (PDT)
From: Jan Luehe <luehe@laguna.eng.sun.com>
Subject: Re: Problem with certs for RSA keyentry using keytool
To: java-security@java.sun.com, sat@differential.com
Sat:
> We're having problems importing certs for an RSA keyentry within
> our keystore. The crypto provider is jsafe (crypto-J) from RSA.
>
> The base case that fails is as follows:
> We export the self-signed certificate (keytool -selfcert) that is
> associated with the key into a file and try to import it back (keytool
> -import) from that file without changes.
> It fails with an error message to the effect of: the public key in the
> keystore and the response do not match.
I have been able to reproduce your problem when using
Crypto-J 2.1.
After I installed Crypto-J 2.2, it worked fine, I got this
message (as expected):
keytool error: Certificate reply and certificate in keystore are identical
Jan
> We also see the exact same behavior with Verisign issued certs.
>
> We are using the following java 2 version:
> % java -version
> java version "1.2"
> Solaris VM (build Solaris_JDK_1.2_01, native threads, sunwjit)
>
> and the jsafe version is 2.1.
>
> Any help will be appreciated.
>
> Thanks,
>
> -- Sat
>