Technote (troubleshooting)
Problem(Abstract)
Error using certificate stored in HSM:
java.io.IOException: Cannot load key-certificate from keystore. Alias xxxxxx does not exist.
Symptom
java.io.IOException: Cannot load key-certificate from keystore. Alias xxxxxx does not exist.
at com.sterlingcommerce.csp.configrt.SSLSettings.toServerTLSParms(SSLSettings.java:331)
at com.sterlingcommerce.csp.io.BufferTransferAgent.turnOnSssl(BufferTransferAgent.java:432)
at com.sterlingcommerce.csp.io.TurnOnSSL.execute(TurnOnSSL.java:159)
at com.sterlingcommerce.csp.io.BufferTransferAgent.canSend(BufferTransferAgent.java:166)
at com.sterlingcommerce.perimeter.api.conduit.DataConduitApiImpl$3.body(DataConduitApiImpl.java:211)
at com.sterlingcommerce.perimeter.api.ContextRunnable.run(ContextRunnable.java:41)
at com.sterlingcommerce.perimeter.api.scheduler.PooledScheduler$GatingScheduler$1.run(PooledScheduler.java:228)
at com.sterlingcommerce.perimeter.api.scheduler.TaskNode.run(TaskNode.java:62)
at com.sterlingcommerce.perimeter.api.scheduler.DebugPooledExecutor$Worker.
run(DebugPooledExecutor.java:784)
at java.lang.Thread.run(Thread.java:738)
Cause
The private key associated with the certificate is missing from HSM.
Environment
Eracom HSM
Resolving the problem
Export the certificate from key store (only the public certificate will be exported), append the private key to the exported certificate and import it again using the manageKeyCerts utility with the replace option.
Rate this page:
Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.