I have this in an ActiveMQ config:
<sslContext>
<sslContext keyStore="file:/home/alex/work/amq/broker.ks"
keyStorePassword="password" trustStore="file:${activemq.base}/conf/broker.ts"
trustStorePassword="password"/>
</sslContext>
I have a pair of X.509 cert and a key file.
How do I import those two in order to use them in SSL and SSL+stomp connectors? All examples I could google always generate the key themselves, but I already have a key.
I have tried
keytool -import -keystore ./broker.ks -file mycert.crt
but this only imports the certificate and not the key file and results in
2009-05-25 13:16:24,270 [localhost:61612] ERROR TransportConnector - Could not accept connection : No available certificate or key corresponds to the SSL cipher suites which are enabled.
I have tried concatenating the cert and the key but got the same result.
How do I import the key?
Advertisement
Answer
Believe or not, keytool does not provide such basic functionality like importing private key to keystore. You can try this workaround with merging PKSC12 file with private key to a keystore:
keytool -importkeystore -deststorepass storepassword -destkeypass keypassword -destkeystore my-keystore.jks -srckeystore cert-and-key.p12 -srcstoretype PKCS12 -srcstorepass p12password -alias 1
Or just use more user-friendly KeyMan from IBM for keystore handling instead of keytool.