Hello,
this error message tells “only” that the source alias wasn’t correct. To get the Aliasname from the PFX or P12 file you could launch the following command:
keytool -list -keystore Your_filename_here.p12 -storetype pkcs12
This should output something like (it would ask you for the PFX/P12-file passphrase even if there is no passphrase set - in this case just confirm with by pressing ENTER):
Keystore-Typ: PKCS12
Keystore-Provider: SunJSSE
Keystore contains 1 entry
*THE ALIAS STANDS HERE, 17.10.2013, PrivateKeyEntry, *
Certificate-Fingerprint (SHA1): XX:XX:XX:XX:XX:XX:XXX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX
The Alias would be usefull if you have more certificates, just to keep an overview over the contained certificates. If the Alias contains spaces or special chars you should set it in quotation-marks “”.
keytool -importkeystore -srckeystore MyFile.p12 -srcstoretype pkcs12 -srcalias “My Certificate Alias” -destkeystore keystore -deststoretype JKS -destalias “My desired Certificate Alias”
keystore here stands for the filename under which the keystore should be created; i.e:
keytool -importkeystore -srckeystore MyFile.p12 -srcstoretype pkcs12 -srcalias “My Certificate Alias” -destkeystore Your_Desired_Keystore_Name_here -deststoretype JKS -destalias “My desired Certificate Alias”
After running the conversion (taking my example) you should have a file called “keystore” or “Your_Desired_Keystore_Name_here”. Could you verifiy this?
If this file was created you could even check it’s content with:
*keytool -list -v -keystore keystore *OR *keytool -list -v -keystore *Your_Desired_Keystore_Name_here
If till here everything looks good, you should check the file-permissions of the keystore and truststore.
I did it this way (under Linux):
chown openfire:openfire your_keystore_filename && chown openfire:openfire your_truststore_filename
openfire in this case is the username of the user running the openfire-service*
*
chmod 640 your_keystore_filename && chmod 640 your_truststore_filename
The content of the security-directory (/etc/openfire/security/) should look something like this:
-rw-r----- 1 openfire openfire keystore
-rw-r----- 1 openfire openfire truststore
Glad to hear that I could help (until here ), so lets try to complete this task
Regards,
Thomas
P.S: Sorry, the translation in the output-example could not be 100% appropriate as the output of my engine is in german and I just tried to translate it