• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Ora 10gAS: java.io.IOException: Keystore was tampered with, or password was incorrect

 
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I am a newbie for security certificates and their application.

I am using Oracle 10gAS and trying on configure SSL on one of its instances. The configuration guide asks to add the required certificate to the trust store.

# Create a backup of the truststore file cacerts, for example, cacerts.bak.
# Execute the following command to add the required certificate to the trust store:

$ORACLE_HOME/jdk/bin/keytool -import -alias <aliasName> -file <root_certificate_file_name> -trustcacerts -v -keystore $ORACLE_HOME/javavm/lib/security/cacerts

when i run this command, i continue to get the following:

Enter keystore password: xxxxxx
keytool error: java.io.IOException: Keystore was tampered with, or password was incorrect

I also tried the following and received the same error:

D:\Oracle\Infra1012\jdk\bin>keytool -list -v -keystore %ORACLE_HOME%\javavm\lib\security\cacerts
Enter keystore password: xxxxxx
keytool error: java.io.IOException: Keystore was tampered with, or password was incorrect

Can someone help me see where is the problem and how to fix it please?

thank you very much!
 
Ranch Hand
Posts: 254
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Sam,

Normally you don't tamper with the existing JRE keystore. What you should do is to
(1) create a new keystore
(2) import the certificate to the new keystore
(3) configure your application to trust the new keystore by setting the system properties "javax.net.ssl.keyStore" and "javax.net.ssl.trustStore" to the location of the new keystore.

Check out the keytool reference here.
 
I guess everyone has an angle. Fine, what do you want? Just know that you cannot have this tiny ad:
a bit of art, as a gift, the permaculture playing cards
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic