12-06-2017 02:46 AM
I need help here, I was at step 7 of "Level 3: Configuring the Cluster to Authenticate Agent Certificates"
But when I run this command to create PKCS12 version of JKS, it return this error
[root@msimaster1 pki]# keytool -importkeystore -srckeystore /opt/cloudera/security/pki/$(hostname -f)-agent.jks \ > -srcstorepass P@ssw0rd -srckeypass P@ssw0rd \ > -destkeystore /opt/cloudera/security/pki/$(hostname -f)-agent.p12 \ > -deststoretype PKCS12 -srcalias $(hostname -f)-agent -deststorepass \ > P@ssw0rd -destkeypass P@ssw0rd Problem importing entry for alias msimaster1-agent: java.security.KeyStoreException: Key protection algorithm not found: java.security.KeyStoreException: Certificate chain is not valid. Entry for alias msimaster1-agent not imported.
I'm quite new with this certificate matter, already googled this one but still can't solve this issue
Can anyone help to identify what this error mean and how to solve it please
Solved! Go to Solution.
12-06-2017 06:00 AM
12-06-2017 06:09 PM
I already install JCE for JAVA and already put local_policy.jar and US_export_policy.jar in $JAVA_HOME/jre/lib/security.
Do I have to change that file owner or permission?
01-09-2018 11:59 PM
Hi I solve this issue by just retry the step again, and it works. I think i made some mistake in generate and signing certificate, thanks for your help Tomas