Java Keystore Status "not private"

Questions and Answers on installation, deployment, management, locking, tranasactions of Servoy Application Server

Java Keystore Status "not private"

Postby Bernd.N » Wed Mar 10, 2021 7:04 pm

My old jks-Keystore shows:
Status: valid

My new Keystore shows:
Status: not private / certificate is public or password mismatch

Is this a problem, or can I sign my JARs anyway with that keystore, without further harm?

A second difference to the old keystore is, that the new one lacks the following three lines regarding the chain verification:
Chain verification: OK
intermediate: CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB
root: CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB
Bernd Korthaus
LinkedIn
Servoy 7.4.9 SC postgreSQL 9.4.11 Windows 10 Pro
User avatar
Bernd.N
 
Posts: 543
Joined: Mon Oct 21, 2013 5:57 pm
Location: Langenhorn, North Friesland, Germany

Re: Java Keystore Status "not private"

Postby mboegem » Fri Mar 12, 2021 3:46 pm

Hi Bernd,

I think something has gone wrong when creating the keystone.
Just went through the whole process myself after renewal of my old certifcate.
Below steps are really the easiest way I could find to create a new certificate
(btw I picked up my certificate through IE)

PFX certficate export from IE:
- Goto Internet Options > Content > Certificates
- Select certificate
- Export
- Export wizard: include private key
- Export wizard: PFX-file > include all certificates + enable certificate privacy
- Export wizard: set password
- Export wizard: encryption: TripleDES-SHA1
- Export wizard: enter filename
- Save File

Then create JKS:
- Open keystore explorer (http://keystore-explorer.org)
- Create new keystore
- Import trusted certificate ‘root’ with alias ‘root’
- Import trusted certificate ‘intermediate’ with alias ‘intermediate’
- Import key pair ‘p12-file’ with alias ‘private’
- Save JKS-file

That's it, hope it helps
_____________________
Marc Boegem
Solutiative / JBS Group, Partner
• Servoy Certified Developer
• Servoy Valued Professional
• Freelance SAN Developer

Image
User avatar
mboegem
 
Posts: 1573
Joined: Sun Oct 14, 2007 1:34 pm
Location: Amsterdam

Re: Java Keystore Status "not private"

Postby Bernd.N » Wed Mar 17, 2021 10:46 am

Thank you very much for the detailed description.
I will test this approach.
Bernd Korthaus
LinkedIn
Servoy 7.4.9 SC postgreSQL 9.4.11 Windows 10 Pro
User avatar
Bernd.N
 
Posts: 543
Joined: Mon Oct 21, 2013 5:57 pm
Location: Langenhorn, North Friesland, Germany


Return to Servoy Server

Who is online

Users browsing this forum: No registered users and 4 guests