Cannot load key-certificate from keystore

Technote (troubleshooting)


Problem(Abstract)

Error using certificate stored in HSM:

java.io.IOException: Cannot load key-certificate from keystore. Alias xxxxxx does not exist.

Symptom

java.io.IOException: Cannot load key-certificate from keystore. Alias xxxxxx does not exist.
at com.sterlingcommerce.csp.configrt.SSLSettings.toServerTLSParms(SSLSettings.java:331)
at com.sterlingcommerce.csp.io.BufferTransferAgent.turnOnSssl(BufferTransferAgent.java:432)
at com.sterlingcommerce.csp.io.TurnOnSSL.execute(TurnOnSSL.java:159)
at com.sterlingcommerce.csp.io.BufferTransferAgent.canSend(BufferTransferAgent.java:166)
at com.sterlingcommerce.perimeter.api.conduit.DataConduitApiImpl$3.body(DataConduitApiImpl.java:211)
at com.sterlingcommerce.perimeter.api.ContextRunnable.run(ContextRunnable.java:41)
at com.sterlingcommerce.perimeter.api.scheduler.PooledScheduler$GatingScheduler$1.run(PooledScheduler.java:228)
at com.sterlingcommerce.perimeter.api.scheduler.TaskNode.run(TaskNode.java:62)
at com.sterlingcommerce.perimeter.api.scheduler.DebugPooledExecutor$Worker.
run(DebugPooledExecutor.java:784)
at java.lang.Thread.run(Thread.java:738)


Cause

The private key associated with the certificate is missing from HSM.

Environment

Eracom HSM

Resolving the problem

Export the certificate from key store (only the public certificate will be exported), append the private key to the exported certificate and import it again using the manageKeyCerts utility with the replace option.

Rate this page:

(0 users)Average rating

Document information


More support for:

Sterling Secure Proxy

Software version:

3.4

Operating system(s):

AIX

Reference #:

1623773

Modified date:

2013-01-29

Translate my page

Machine Translation

Content navigation