Highlighted
Super Contributor.. Super Contributor..
Super Contributor..
160 views

Forgive me all if this is a stupid question....

So a while ago in our Dev environment I had to re-install a RAS server. As part of this I wasnt providing a certificate and had to import the one created during the installation to the central server using the keytool.

We are now adding an additional RAS and I tried to repeat the process using the cert created installing the new RAS but im getting the error "Certificate not imported alias <myalias> already exits.

Obviously im doing something stupid or missing something obvious. I wasnt involved in the original build of our infrastructure and documentation on this isnt very helpful.

Any ideas or suggestions?

0 Likes
1 Solution

Accepted Solutions
Highlighted
Frequent Contributor.
Frequent Contributor.

Re: New RAS

Jump to solution

Does the java keystore you're importing into contain a certificate with the same serial as the one you're adding?:

You can check using

...keytool -list -v -keystore "...client.truststore" -storepass <changeit>

e.g.

C:\Program Files\Hewlett Packard Enterprise\HPE Operations Orchestration\java\bin\keytool -list -v -keystore c:\Program Files\Hewlett Packard Enterprise\HPE Operations Orchestration\ras\var\security\client.truststore -storepass changeit

If the certificate is not already in there, can you import it using a different alias?

e.g.

"C:\Program Files\Hewlett Packard Enterprise\HPE Operations Orchestration\java\bin\keytool" -importcert -alias DevildiabloNewCert -keystore c:\Program Files\Hewlett Packard Enterprise\HPE Operations Orchestration\ras\var\security\client.truststore -file MyCert.cer -storepass changeit

View solution in original post

2 Replies
Highlighted
Frequent Contributor.
Frequent Contributor.

Re: New RAS

Jump to solution

Does the java keystore you're importing into contain a certificate with the same serial as the one you're adding?:

You can check using

...keytool -list -v -keystore "...client.truststore" -storepass <changeit>

e.g.

C:\Program Files\Hewlett Packard Enterprise\HPE Operations Orchestration\java\bin\keytool -list -v -keystore c:\Program Files\Hewlett Packard Enterprise\HPE Operations Orchestration\ras\var\security\client.truststore -storepass changeit

If the certificate is not already in there, can you import it using a different alias?

e.g.

"C:\Program Files\Hewlett Packard Enterprise\HPE Operations Orchestration\java\bin\keytool" -importcert -alias DevildiabloNewCert -keystore c:\Program Files\Hewlett Packard Enterprise\HPE Operations Orchestration\ras\var\security\client.truststore -file MyCert.cer -storepass changeit

View solution in original post

Highlighted
Super Contributor.. Super Contributor..
Super Contributor..

Re: New RAS

Jump to solution

As you described I had to add a new alias.

The previous time I hadnt specified an alias so it must use a default alias name.

As I was trying to use the same command from the last time it was trying to use the same defauly alias name.

Thank you!!

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.