Skip navigation
15171 Views 2 Replies Latest reply: Apr 17, 2010 1:21 PM by jwhitepnv RSS
anebi Bronze 18 posts since
May 9, 2008
Currently Being Moderated

Sep 26, 2009 2:23 AM

"Public keys in reply and keystore don't match trying to import" new goddady certs and gd certs.



we have working openfire with SSL/TLS, but our certificate expired and now we wanted to renew it. It is signed from GoDaddy.


I followed these steps:


keytool -genkey -alias mydomain.tld -keyalg RSA -keysize 2048 -keystore


i entered my data for CN, OU, O etc.... and entered my password for keystore.


When i list keystore content using keytool i see that my new private key is there.


Then generated my new CSR file this way:


keytool -certreq -keystore -alias mydomain.tld -file mydomain.tld.csr


I used this CSR file to get signed GoDaddy cert.


I received the cert with gd_intermediate.crt, gd_cross_intermediate.crt and gd_cross_intermediate.crt certs.


Then i tried to import first gd certs this way:


keytool -import -keystore -alias mydomain.tld -file gd_intermediate.crt


But then i get this error:


keytool error: java.lang.Exception: Public keys in reply and keystore don't match


i get this when i try to import also gd_cross_intermediate.crt.


I checked several times alias that typed to make sure that it is correct and it was.


How to fix this problem and what can i do?

More Like This

  • Retrieving data ...

Bookmarked By (1)


  • Correct Answers - 10 points
  • Helpful Answers - 5 points