Jul 222013

While running keytool -printcert -v -file D:\cert.crt if you are getting below error then make sure you have followed below steps .

1. keytool -genkey -alias tomcat -keyalg RSA -keystore D:\key

2. keytool -certreq -v -alias tomcat -keyalg RSA -keystore D:\key>D:\cert.crt

3. keytool -exportcert -rfc -keystore D:\key -file D:\cert.crt

4. keytool -printcert -v -file D:\cert.crt
If you dont do number 3 then below error will comD:

keytool error: java.lang.Exception: Failed to parse input
java.lang.Exception: Failed to parse input
at sun.security.tools.KeyTool.printCertFromStream(KeyTool.java:2228)
at sun.security.tools.KeyTool.doPrintCert(KeyTool.java:2395)
at sun.security.tools.KeyTool.doCommands(KeyTool.java:1067)
at sun.security.tools.KeyTool.run(KeyTool.java:338)
at sun.security.tools.KeyTool.main(KeyTool.java:331)
Caused by: java.security.cert.CertificateParsingException: java.io.IOException: ObjectIdentifier() — data isn’t an object ID (tag = 49)
at sun.security.x509.X509CertInfo.<init>(X509CertInfo.java:171)
at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1747)
at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:196)
at sun.security.provider.X509Factory.parseX509orPKCS7Cert(X509Factory.java:429)
at sun.security.provider.X509Factory.engineGenerateCertificates(X509Factory.java:335)
at java.security.cert.CertificateFactory.generateCertificates(CertificateFactory.java:462)
at sun.security.tools.KeyTool.printCertFromStream(KeyTool.java:2226)
… 4 more
Caused by: java.io.IOException: ObjectIdentifier() — data isn’t an object ID (tag = 49)
at sun.security.util.ObjectIdentifier.<init>(ObjectIdentifier.java:253)
at sun.security.util.DerInputStream.getOID(DerInputStream.java:281)
at sun.security.x509.AlgorithmId.parse(AlgorithmId.java:365)
at sun.security.x509.CertificateAlgorithmId.<init>(CertificateAlgorithmId.java:79)
at sun.security.x509.X509CertInfo.parse(X509CertInfo.java:682)
at sun.security.x509.X509CertInfo.<init>(X509CertInfo.java:169)
… 10 more

If you run the number 3 and then 4 then you will be able to see the output like below:

D:\>keytool -exportcert -rfc -keystore D:\key -file cert.crt -alias tomcat
Enter keystore password:
Certificate stored in file <cert.crt>

D:\>keytool -printcert -v -file D:\cert.crt
Owner: CN=Ram Sah, OU=TechPaste, O=TechPaste.Com, L=RedWood, ST=CA, C=US
Issuer: CN=Ram Sah, OU=TechPaste, O=TechPaste.Com, L=RedWood, ST=CA, C=US
Serial number: 2638aefe
Valid from: Mon Jul 22 15:40:39 IST 2013 until: Sun Oct 20 15:40:39 IST 2013
Certificate fingerprints:
MD5: 18:0D:13:DF:9A:0C:B3:9D:8D:66:BA:A3:0D:12:CD:60
SHA1: B8:44:25:AB:72:61:EF:A5:F0:B6:85:34:5B:31:6F:DF:1F:78:88:00
SHA256: 64:41:DF:38:DD:79:13:FD:94:40:28:C0:D2:60:80:21:F3:84:3B:EF:67:D2:63:35:DF:21:09:93:44:98:3D:81
Signature algorithm namD: SHA256withRSA
Version: 3


#1: ObjectId: Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: AD 80 9F 2B BB 47 A3 A1 DC DA E0 9F 4E AD 48 2C …+.G……N.H,
0010: 0C 06 C6 94 ….


© Incase of any copyright infringements please check copyrights page for faster resolutions.

Leave a Reply

Show Buttons
Hide Buttons