Cert wont convert to java keystore trouble supporting ssl

PhantomBot Version 3.0.0:
OS Version: utbutnu 16.04 LTS
Java Version: openjdk version “1.8.0_191”
Browser and Version (for Panel Support): firefox quantum 67.0.2 (64-bit)
Stock PhantomBot: Yes
i have a buddy that can only use ssl cause Chromebook im sharing a server with and i get an error when running the commands to convert a certbot cert to a java keystore that comes up even after deleting and recreating the cert
keytool error: java.io.IOException: DerInputStream.getLength(): lengthTag=109, too big.

The only thing I can do is present how it works for most folks, otherwise, you will need to contact Let’s Encrypt to ask why the certificate is throwing that error when trying to add to a keystore. The root cause for that is typically a badly formatted certificate.

    openssl pkcs12 -export -in /etc/letsencrypt/live/hostname.fqdn/cert.pem \
                   -inkey /etc/letsencrypt/live/hostname.fqdn/privkey.pem \
                   -out /phantombot/config/pkcs.p12 -name hostname.fqdn \
                   -password pass:password

    yes | /usr/java/jdk1.8.0_102/bin/keytool -importkeystore \
                                             -deststorepass password \
                                             -destkeystore /phantombot/config/keystore.jks \
                                             -srckeystore /phantombot/config/pkcs.p12 \
                                             -srcstoretype PKCS12 \
                                             -srcstorepass password \
                                             -alias hostname.fqdn

thank you but i don’t think those arguments would work for my case ive been throwing the commands listed in how to enable ssl in phantombot under creating a java keystore How to Enable SSL on PhantomBot as what i have is fullchain and a priv key not a cert file (i think)and its been throwing the usual java bull so im going to go and put a cert bot ticket now please close.

LetsEncrypt will provide you with all of those files in its output folder, which defaults to /etc/letsencrypt/live

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.