Issue renewing SSL certificate
Hi, our SSL certificate for on-prem expires 13/09/2024.
I tried the commands that we used last time.
1.
keytool -genkey -alias desgnas152.hgroup.intra -keyalg RSA -keysize 2048 -keystore sdp.keystore -ext san=dns:desgnas152.hgroup.intra,dns:dsgnas152
Now I get this error:
keytool error: java.lang.Exception: Key pair not generated, alias <gbblwas003.hgroup.intra> already exists
2.
keytool -certreq -alias gbblwas003.hgroup.intra -file sdpkey.csr -keystore sdp.keystore -ext san=dns:gbblwas003.hgroup.intra,dns:gbblwas003
Now I get this warning:
Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore sdp.keystore -destkeystore sdp.keystore -deststoretype pkcs12"
3. So then I did the command that was recommended.
keytool -importkeystore -srckeystore sdp.keystore -destkeystore sdp.keystore -deststoretype pkcs12
Enter source keystore password:
Entry for alias gbblwas003.hgroup.intra successfully imported.
Import command completed: 1 entries successfully imported, 0 entries failed or cancelled
Warning:
Migrated "sdp.keystore" to Non JKS/JCEKS. The JKS keystore is backed up as "sdp.keystore.old".
4.
I tried the 1st command again, got the same error.
5.
I tried the 2nd command again, prompted for the keystore password, and the two .csr and .keystore files were generated.
6.
I uploaded the keystore file and got this error.
That support file is available, if needed.