ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » IBM MQ Security » Certificate not getting added to MQ key database

Post new topic  Reply to topic Goto page Previous  1, 2
 Certificate not getting added to MQ key database « View previous topic :: View next topic » 
Author Message
VJ
PostPosted: Thu Nov 25, 2010 12:33 am    Post subject: Reply with quote

Newbie

Joined: 24 Nov 2010
Posts: 5
Quote:
Hi All

Thanks for all suggestions.

What I tried is to pick the .der file from another location which was attached in the service request and now if I try to add I get a error

An attempt to store the certifcate failed.
All the Signer certificates must exsist in the key database .

Do I need a some other file to with .der file.


Use the Extract command mentioned by "shashivarungupta" and you have to "add" the certificate in the client database instead of "Receiving or Importing" it.

Use the following command to add this certificate in client DB.
gsk7cmd_64 -cert -add -db key.kdb -pw password -label ibmwebspheremqqmgr1 -file qmgr1.der -format binary –trust enable
Back to top
View user's profile Send private message
exerk
PostPosted: Thu Nov 25, 2010 12:57 am    Post subject: Reply with quote

Jedi Council

Joined: 02 Nov 2006
Posts: 6339
VJ wrote:
...you have to "add" the certificate in the client database instead of "Receiving or Importing" it.


Works for CA certificates, not personal certificates signed by a CA.
_________________
It's puzzling, I don't think I've ever seen anything quite like this before...and it's hard to soar like an eagle when you're surrounded by turkeys.
Back to top
View user's profile Send private message
fjb_saper
PostPosted: Thu Nov 25, 2010 5:42 am    Post subject: Reply with quote

Grand High Poobah

Joined: 18 Nov 2003
Posts: 20696
Location: LI,NY
exerk wrote:
VJ wrote:
...you have to "add" the certificate in the client database instead of "Receiving or Importing" it.


Works for CA certificates, not personal certificates signed by a CA.

You can inspect the cert signed by the CA (in windows a double click will do it). You need to check the signer on that cert. Then check if the signer is an intermediate cert from the CA authority. If this is the case and you don't have the intermediate cert in the chain you can download it (the intermediate cert) from the CA's website and add it to your truststore so that the cert chain is complete.

Have fun
_________________
MQ & Broker admin
Back to top
View user's profile Send private message Send e-mail
Display posts from previous:   
Post new topic  Reply to topic Goto page Previous  1, 2 Page 2 of 2

MQSeries.net Forum Index » IBM MQ Security » Certificate not getting added to MQ key database
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
  
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.