I\"m importing a SSL certificate to use in Tomcat in mine keystore using keytool and also it fails with \"Public tricks in reply and keystore don\"t match\"

Problem can be asserted by the truth that I produced a brand-new keystore after ns accidentaly gotten rid of the old keystore record which I used from my CSR.

You are watching: Public keys in reply and keystore don t match

Now I got a .crt file and a .ca file. What\"s the best method to make SSL job-related under tomcat in my instance now ?

Thanks in advance,



Your private an essential was in the keystore friend accidently deleted. Public and also private crucial must match, girlfriend cannot develop one there is no the other.

(I\"m cut a couple of corners to store it short)

The CSR has details about your windy key. It is signed by an certificate authority (CA), and package it in a certificate. The private key is not sent come the CA.

So if you produced a new private-public an essential pair ~ deleting the original keystore, the public crucial you now have actually is not the one in the certificate girlfriend received. Even if there was a way to pressure the public key in there, the cryptography would not work.

You now have two options :

Restore a backup and get the old keystore backMake a new request
improve this price
edited Dec 7 \"12 at 15:39
reply Dec 7 \"12 in ~ 14:04

85311 gold badge77 silver badges2424 bronze badges
include a comment |

her Answer

Thanks for contributing an answer to Server Fault!

Please be sure to answer the question. Provide details and also share her research!

But avoid

Asking because that help, clarification, or responding to various other answers.Making statements based upon opinion; back them increase with references or personal experience.

To discover more, see our advice on writing an excellent answers.

See more: Leaving On A Jet Plane Peter Paul And Mary Lyrics, Peter, Paul And Mary

Draft saved
Draft discarded

Sign up or log in in

sign up using Google
authorize up using Facebook
sign up using Email and Password

Post as a guest

email Required, yet never shown

Post together a guest


Required, however never shown

short article Your prize Discard

By click “Post her Answer”, you agree come our regards to service, privacy policy and also cookie policy

Not the price you're feather for? Browse other questions tagged ssl tomcat certificate keytool or asking your very own question.

The Overflow Blog
Featured on Meta
Tomcat - Exporting private Key?
income private vital and certificate right into Tomcat?
fiddle SSL Cert indigenous IIS and import into GlassFish keystore
problem replacing SSL certificate v renewed one on Tomcat 6.0 (using keytool)
installation SSL Thawte Certificates because that tomcat indigenous pre-generated Private an essential
just how to download ssl top top tomcat 7?
deserve to I usage openssl to create key/cert because that tomcat?
Importing SSL from Godaddy making use of Tomcat (SYSAID)
how to develop a *.crt file out the keystore? (SSL / Tomcat)
walk deleting a keystore alias result in the CSR gift useless
hot Network questions an ext hot inquiries

inquiry feed
i ordered it to RSS
question feed To subscribe to this RSS feed, copy and also paste this URL right into your RSS reader.


Server fault
stack Exchange Network
site design / logo design © 2021 ridge Exchange Inc; user contributions license is granted under cc by-sa. Rev2021.9.28.40331

Server fault works ideal with JavaScript enabled

her privacy

By clicking “Accept every cookies”, you agree ridge Exchange deserve to store cookie on your machine and disclose information in accordance with our Cookie Policy.