I'm so sorry, I just see your message in here.
To Export certificate from Microsoft Windows,
you have to install your certificates into windows first.
(by double click certificate file, .CER .P12 or .whatever
and then follow Wizard)
After your certificate is installed into windows,
you can see them by
- open Internet Explorer (There is other way to do, but this way is
easier)
- goto internet options
- select Content Tab
- click on Certificates button
Then you'll see your certificates there,
If you want to export, you can just click on Export button,
and follow Wizard.
- Keith
1. i use openssl to generate a keystore and then try to regenerate the
cert file through Windows. but i cannot repeat your problem.
actually where do u get the keystore file? you generate it by urself
or get it from CA? and is it a PKCS12 keystore?
2. Refer to the following statement
*********************************************
While testing, certificate that exported from Microsoft Windows always
got key-alias in {xxxxx-xxxxx-xxxxxx-xxxx} format, yes it is very long
alias. And when I tried to use that alias with Hermes. EBMS.log show
some errors, this error same as when I specified alias that doesn't
exist in keystore file.
*********************************************
Actually the keyalias is set in the keystore file. u got the key-alias
in {xxxxx-xxxxx-xxxxxx-xxxx} format because this is what stored in the
keystore. u can use the "keytool -list -keystore <xxx.p12> -storetype
PKCS12" to check the name of key-alias in keystore.
but i am not sure how come the problem is fixed after u have changed
the keyalias to a shorter name...
so i guess u are not using a self-generated keystore. rite?
I got my certificate problem solved,
I was using keytool to create keystore file,
that's why certificate chain information is missing,
so Hermes cannot attach certificate chain to the message.
But when I generated new keystore file using OpenSSL, it just work.
So I think OpenSSL better for use with Hermes.
My Hermes & Axway message interchange project is nearly complete soon,
it will be based on ebMS over HTTPS/SIGN.
> Email: kit.y...@apacus.com
> Site:http://www.apacus.com