This website uses cookies. By continuing to browse or login to this website, you consent to the use of cookies. Learn more.
OK
Devildiablo
Commodore Commodore
Commodore
‎2020-01-16 18:07
246 views

New RAS

Jump to solution

Forgive me all if this is a stupid question....

So a while ago in our Dev environment I had to re-install a RAS server. As part of this I wasnt providing a certificate and had to import the one created during the installation to the central server using the keytool.

We are now adding an additional RAS and I tried to repeat the process using the cert created installing the new RAS but im getting the error "Certificate not imported alias <myalias> already exits.

Obviously im doing something stupid or missing something obvious. I wasnt involved in the original build of our infrastructure and documentation on this isnt very helpful.

Any ideas or suggestions?

0 Likes
Reply
Report Inappropriate Content
1 Solution

Accepted Solutions
RustedSpork
Ensign
Ensign
‎2020-01-17 12:20

Jump to solution

Does the java keystore you're importing into contain a certificate with the same serial as the one you're adding?:

You can check using

...keytool -list -v -keystore "...client.truststore" -storepass <changeit>

e.g.

C:\Program Files\Hewlett Packard Enterprise\HPE Operations Orchestration\java\bin\keytool -list -v -keystore c:\Program Files\Hewlett Packard Enterprise\HPE Operations Orchestration\ras\var\security\client.truststore -storepass changeit

If the certificate is not already in there, can you import it using a different alias?

e.g.

"C:\Program Files\Hewlett Packard Enterprise\HPE Operations Orchestration\java\bin\keytool" -importcert -alias DevildiabloNewCert -keystore c:\Program Files\Hewlett Packard Enterprise\HPE Operations Orchestration\ras\var\security\client.truststore -file MyCert.cer -storepass changeit

View solution in original post

Reply
Report Inappropriate Content
2 Replies
RustedSpork
Ensign
Ensign
‎2020-01-17 12:20

Jump to solution

Does the java keystore you're importing into contain a certificate with the same serial as the one you're adding?:

You can check using

...keytool -list -v -keystore "...client.truststore" -storepass <changeit>

e.g.

C:\Program Files\Hewlett Packard Enterprise\HPE Operations Orchestration\java\bin\keytool -list -v -keystore c:\Program Files\Hewlett Packard Enterprise\HPE Operations Orchestration\ras\var\security\client.truststore -storepass changeit

If the certificate is not already in there, can you import it using a different alias?

e.g.

"C:\Program Files\Hewlett Packard Enterprise\HPE Operations Orchestration\java\bin\keytool" -importcert -alias DevildiabloNewCert -keystore c:\Program Files\Hewlett Packard Enterprise\HPE Operations Orchestration\ras\var\security\client.truststore -file MyCert.cer -storepass changeit

View solution in original post

Reply
Report Inappropriate Content
Devildiablo
Commodore Commodore
Commodore
‎2020-01-20 14:49

Jump to solution

As you described I had to add a new alias.

The previous time I hadnt specified an alias so it must use a default alias name.

As I was trying to use the same command from the last time it was trying to use the same defauly alias name.

Thank you!!

0 Likes
Reply
Report Inappropriate Content
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.