000013380 - No X509 certificate in Client KeyStore

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000013380
Applies ToRSA Key Manager Java Client
IBM iKeyman
Issueunexpected error: No X509 certificate in Client KeyStore
CauseSunJCE
Resolution

1. Go to JDK installed dir, then go to jre\lib\security dir.
2. In Security dir, open the java.security file and add provider in list of providers section.
3. The property name and value are security.provider.1=com.rsa.jsafe.provider.JsafeJCE.
4. Need to modify the list numbers to give the order.
5. Copy the crypto.jar from jsafe 4.x in jre\lib folder or update the classpath from where your running the sample.

In case of only jre is installed. Go to the jre installed dir and repeat the steps from 2-5 to run the sample or client.

Workaround:

Get KeyTool UI from http://yellowcat1.free.fr/index_ktl.html
Click on Tools --> Keystore Manager ?  PKCS12 keystore...
Select your P12 & provide its password.
Right click on the "key" row --> Rename private key alias
Name it "key_and_cert"
Right click on the "cert" row --> Rename Trusted Certifcate alias
Name it "ca_cert"
Close KeyTool UI

Legacy Article IDa48346

Attachments

    Outcomes