000027916 - KB-1593 What is the meaning of the keytool usage error, "not a legal command" ?

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000027916
Applies ToAffected Versions: 5.X
IssueThe command as listed in the Aveksa Managers Guide is shown here:
keytool -certreq -alias server -storepass "Av3k5a15num83r0n3" -file ~/acmserver.csr-keystore aveksa.keystore
When this command is run from the Linux command line, the following error is noted:
keytool error: java.lang.RuntimeException: Usage error, aveksa.keystore is not a legal command
This is a typographical error in the the ACM Managers Guide. Notice that there is no space between the following components of the command shown above:
~/acmserver.csr and -keystore.
-keystore is a command line option to the keytool command. There needs to be a space between the -keystore option and the previous command option parameter (which in this case is ~/acmserver.csr). Because there is no space, keytool is including -keystore as part of the previous option and then trying to parse the next parameter, aveksa.keystore, as a command. This results in the error message shown above.
ResolutionTo correct this problem, simply add a space between .csr and the -keystore. The correct syntax of this command is shown here:
keytool -certreq -alias server -storepass "Av3k5a15num83r0n3" -file ~/acmserver.csr -keystore aveksa.keystore
NotesIn the example shown above, the -file parameter is shown as ~/<filename.csr>. Any filename can be used. One that helps the enduser identify the file being created is recommended. The '~/' portion of the filename tells the keytool command to create the file in the home directory of the Linux account that is currently logged in. This command would typically be run as the Aveksa Linux oracle user, thus the file would be created in /home/oracle, which is the home directory of this user. Any path that the user executing the command has write access to can be specified.