- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Float this Question for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Key protection algorithm not found: java.security.KeyStoreException: Certificate chain is not valid
- Labels:
-
Cloudera Manager
-
Security
Created 12-06-2017 02:46 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi All,
I need help here, I was at step 7 of "Level 3: Configuring the Cluster to Authenticate Agent Certificates"
But when I run this command to create PKCS12 version of JKS, it return this error
[root@msimaster1 pki]# keytool -importkeystore -srckeystore /opt/cloudera/security/pki/$(hostname -f)-agent.jks \ > -srcstorepass P@ssw0rd -srckeypass P@ssw0rd \ > -destkeystore /opt/cloudera/security/pki/$(hostname -f)-agent.p12 \ > -deststoretype PKCS12 -srcalias $(hostname -f)-agent -deststorepass \ > P@ssw0rd -destkeypass P@ssw0rd Problem importing entry for alias msimaster1-agent: java.security.KeyStoreException: Key protection algorithm not found: java.security.KeyStoreException: Certificate chain is not valid. Entry for alias msimaster1-agent not imported.
I'm quite new with this certificate matter, already googled this one but still can't solve this issue
Can anyone help to identify what this error mean and how to solve it please
Created 01-09-2018 11:59 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi I solve this issue by just retry the step again, and it works. I think i made some mistake in generate and signing certificate, thanks for your help Tomas
Created 12-06-2017 06:00 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
(JCE) Maybe there is a problem, that the algortihm is too strong.
Created 12-06-2017 06:09 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I already install JCE for JAVA and already put local_policy.jar and US_export_policy.jar in $JAVA_HOME/jre/lib/security.
Do I have to change that file owner or permission?
Created 12-06-2017 10:17 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
the keystore and keys?
Created 01-09-2018 11:59 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi I solve this issue by just retry the step again, and it works. I think i made some mistake in generate and signing certificate, thanks for your help Tomas