| Author |
Message
|
| ochocki |
 Posted: Wed Mar 30, 2011 7:12 am Post subject: Receiving RENEWED certificate |
 |
|
Novice
Joined: 05 Jan 2009
Posts: 10
|
Hi,
Two years ago I succesfully managed to configure client certificate for my mq installation. Since the certificate expired I received a new one and now I'm not able to import this cer in "IBM Key management" tool ("Receive" button).
After choosing *.cer file in file dialog error message appears:
"the certificate request created for the certificate is not in the key database"
Of course it is not, because I didn't create it. Is there a way to import RENEWED certificate without having created request first? I have to add that I can see my expired certificate, but when I choose "Personal Certificate Requests" the list is empty.
M |
|
| Back to top |
|
 |
| exerk |
| Posted: Wed Mar 30, 2011 7:26 am Post subject: |
|
|
Jedi Council
Joined: 02 Nov 2006
Posts: 6339
|
So how was the certificate requested? Who has the key store in which the request was generated, or the private key file etc.?
_________________
It's puzzling, I don't think I've ever seen anything quite like this before...and it's hard to soar like an eagle when you're surrounded by turkeys. |
|
| Back to top |
|
|
| ochocki |
| Posted: Wed Mar 30, 2011 8:03 am Post subject: |
|
|
Novice
Joined: 05 Jan 2009
Posts: 10
|
I have no idea, the remote mq installation is out of my control.
They just claim, they just 'renewed the certificate'. |
|
| Back to top |
|
|
| exerk |
| Posted: Wed Mar 30, 2011 8:43 am Post subject: |
|
|
Jedi Council
Joined: 02 Nov 2006
Posts: 6339
|
Then 'they' need to do the receive into the key store where the certificate request was created and export the certificate to send to you, and you need to import it into your key store. You may have to delete the current certificate, i.e. the expired one, so take a back-up of your key store files first.
_________________
It's puzzling, I don't think I've ever seen anything quite like this before...and it's hard to soar like an eagle when you're surrounded by turkeys. |
|
| Back to top |
|
|
| fjb_saper |
| Posted: Wed Mar 30, 2011 6:39 pm Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20696
Location: LI,NY
|
| ochocki wrote: |
I have no idea, the remote mq installation is out of my control.
They just claim, they just 'renewed the certificate'. |
You can try a few steps. Assuming that the renewed cert is against the same request from the original... try following using ikeyman...
Selecting the current certificate look for the recreate request button and push it. You should then see a certificate request in your keystore. Try and import the new renewed cert. If this fails again you will have to create a new request in the keystore and have that request signed by your cert authority...
Have fun 
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| ochocki |
| Posted: Wed Mar 30, 2011 10:35 pm Post subject: |
|
|
Novice
Joined: 05 Jan 2009
Posts: 10
|
| After pushing [Recreate request] only arm file is created - I do not see any request in 'Personal Certificate requests' section |
|
| Back to top |
|
|
| fjb_saper |
| Posted: Thu Mar 31, 2011 5:43 pm Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20696
Location: LI,NY
|
| ochocki wrote: |
| After pushing [Recreate request] only arm file is created - I do not see any request in 'Personal Certificate requests' section |
Sure but can you then receive the "renewed" cert ?
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| ochocki |
| Posted: Thu Mar 31, 2011 11:02 pm Post subject: |
|
|
Novice
Joined: 05 Jan 2009
Posts: 10
|
| Yes, I tried, but since only an .arm file was created and no reqest was placed in 'Personal Certificate Requests' section I'm getting error message: 'The certificate request created for the certificate is not in the key database' |
|
| Back to top |
|
|
| exerk |
| Posted: Thu Mar 31, 2011 11:49 pm Post subject: |
|
|
Jedi Council
Joined: 02 Nov 2006
Posts: 6339
|
Do as I advised in an earlier post...
_________________
It's puzzling, I don't think I've ever seen anything quite like this before...and it's hard to soar like an eagle when you're surrounded by turkeys. |
|
| Back to top |
|
|
|
|
