ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
Error importing signed certificate into AutoSys Web Server keystore - keytool error: java.lang.Exception: Public keys in reply and keystore don't match
Article ID: 144719
CA Workload Automation AE - Business Agents (AutoSys)CA Workload Automation AE - System Agent (AutoSys)CA Workload Automation AE - Scheduler (AutoSys)Workload Automation AgentCA Workload Automation AE
While following the product documentation for customizing SSL for the AutoSys Web Server to use a certificate from a trusted Certificate Authority, an error was received when attempting to import the signed private certificate into the keystore...
keytool error: java.lang.Exception: Public keys in reply and keystore don't match
In AutoSys 11.3.6 SP8, the keystore for the Web Server was changed to a BCFKS storetype. The error occurs when the signed certificate will not import properly into that storetype.
AutoSys 11.3.6 SP8 UNIX Linux
Logon to the AutoSys Web Server machine.
cd to $AUTOUSER/webserver/conf
Backup the existing .keystore file and then remove it.
Create a temporary JKS keystore containing your private key and self-signed certificate...
Request a certificate in PEM format from a certificate authority. Contact the certificate authority that you chose for specific instructions. Obtain the root certificate, any intermediate certificates, and the signed private certificate and place them in $AUTOUSER/webserver/conf on the Web Server machine.
cd back to $AUTOUSER/webserver/conf
Import the root certificate into the temporary keystore...