I am trying to generate a pfx file to use as a signing mechanism for some JAR files as per these instructions.
To create the pfx file I am using the following command
openssl pkcs12 -export -in my-cert.crt -inkey my-priv-key.key -certfile my-ca-bundle -out my-pfx.pfx
This command successfully generates me a pfx file, however, when I try to find the alias using the following command
keytool -list -storetype pkcs12 -keystore my-pfx.pfx -v | grep Alias
I get the following response
Alias name: 2
According to the note linked above (and other research I have done) the Alias returned should look something like this
le-d491f28f-ee7b-40e2-b1a7-2b7c3a71979a
If I try to use the Alias value I am getting (e.g. 2) using the following command
jarsigner -keystore my-pfx.pfx -storetype PKCS12 jacob.jar 2
which results in the following error message
jarsigner: Certificate chain not found for: 2. 2 must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.
I am totally stumped as to why I am not getting a correct alias.. Any helpful suggestions ?
Thanks
Try using option -name "alias"
with command openssl pkcs12
.
So, the full command may look like (the rest of options were taken from your question):
openssl pkcs12 -export -in my-cert.crt -inkey my-priv-key.key -certfile my-ca-bundle -out my-pfx.pfx -name "alias"