Question

Any idea on the solution to this pfx certificate importing into keystore error. keytool error: java.io.IOException: DerInputStream.getLength(): lengthTag=109, too big.

  • February 1, 2021
  • 7 replies
  • 1650 views

billybob
Contributor

I'm configuring fme (fme server 2019.1.3.1) to use https. When I try importing a pfx wildcard certificate into the tomcat.keystore, I get the following error:

Importing keystore C:\certificates\xxxxxxx.xxx.pfx to tomcat.keystore...

keytool error: java.io.IOException: DerInputStream.getLength(): lengthTag=109, too big.

 

Any thoughts on what the error might be and how to fix it?

 

Thanks!

7 replies

warrendev
Enthusiast
  • Enthusiast
  • 121 replies
  • February 1, 2021

@billybob,

Are you running this command when you receive that error? 

keytool -importkeystore -srckeystore <certpath>\<certificate_name>.pfx -srcstoretype pkcs12 -destkeystore tomcat.keystore -deststoretype jks

I've found this article going over that error. Maybe this can help.

billybob
Contributor
  • Author
  • Contributor
  • 25 replies
  • February 1, 2021

This is the command:

keytool -importkeystore -srckeystore <certpath>\<certificate_name>.pfx -srcstoretype pkcs12 -destkeystore tomcat.keystore -deststoretype pkcs12

The command you have shows "-deststoretype jks" as the last option. Is that the issue?


warrendev
Enthusiast
  • Enthusiast
  • 121 replies
  • February 1, 2021

I know you can set it to either of those, but the "jks" worked for me. I'm not really sure if that will fix it on your end.

 

https://community.safe.com/s/article/fme-server-and-httpsssl-pfx-certificate

 


billybob
Contributor
  • Author
  • Contributor
  • 25 replies
  • February 1, 2021

Great! I'll give that a try. Thanks for the article pointer. That helps confirm that I'm using the latest configuration instructions.


billybob
Contributor
  • Author
  • Contributor
  • 25 replies
  • February 1, 2021

Thanks. That worked for me. After making the required configuration changes to the various tomcat files, I can't seem to access https://localhost. Any thoughts on that issue?


  • 719 replies
  • February 1, 2021

Hi @billybob,

Please can you review the log files located in <FMEServerFileShare>/Resources/Logs/tomcat. In particular, look in the catalina.log for SEVERE messages; this should tell us what is going on.


billybob
Contributor
  • Author
  • Contributor
  • 25 replies
  • February 1, 2021

Hi @hollyatsafe,

I was able to figure out the issue. Somehow the tomcat.keystore was corrupted. I simply removed the keystore, recreated it by importing the certificate again, and verified the changes to the xml files. That worked, and I'm able to access https://localhost now. Thank you for the response. Reviewing the logs if I have any other issues should come in handy.

Thanks again!
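
Added example, not part of the original thread and not Safe Software's code: a small format sniffer showing where "lengthTag=109" can come from. It assumes (the thread does not confirm this) that a JKS file was being read as PKCS12; a JKS file starts with the bytes FE ED FE ED, and a DER reader takes the second byte, 0xED, as a long-form length announcing 0x6D = 109 length bytes. All function names and sample bytes are constructed for illustration.

```python
import sys

JKS_MAGIC = bytes.fromhex("feedfeed")    # header of a Java JKS keystore
JCEKS_MAGIC = bytes.fromhex("cececece")  # header of a JCEKS keystore

# Constructed sample headers (not taken from the thread).
SAMPLE_JKS = bytes.fromhex("feedfeed0000000200000001")
SAMPLE_PFX = bytes.fromhex("30820a3b020103")  # SEQUENCE, 2-byte length, version 3


def der_length_tag(header: bytes):
    """Number of length octets announced by byte 2, or None for short form."""
    if len(header) < 2:
        raise ValueError("need at least two bytes")
    length_byte = header[1]
    if length_byte & 0x80 == 0:
        return None              # short form: the byte is the length itself
    return length_byte & 0x7F    # long form: how many length bytes follow


def parse_as_pkcs12(header: bytes) -> str:
    """What a DER reader concludes when told this file is PKCS12."""
    tag = der_length_tag(header)
    if tag is not None and tag > 4:
        return f"lengthTag={tag}, too big"
    return "ok"


def sniff_keystore(header: bytes) -> str:
    """Guess the real on-disk format from the leading bytes."""
    if header.startswith(JKS_MAGIC):
        return "jks"
    if header.startswith(JCEKS_MAGIC):
        return "jceks"
    if header.startswith(b"-----BEGIN"):
        return "pem"
    # Any DER SEQUENCE with a sane length field; PKCS12 files look like this.
    if len(header) >= 2 and header[:1] == b"\x30" and parse_as_pkcs12(header) == "ok":
        return "pkcs12"
    return "unknown"


if __name__ == "__main__":
    # Hypothetical usage: python sniff.py tomcat.keystore
    with open(sys.argv[1], "rb") as fh:
        head = fh.read(16)
    print(sniff_keystore(head), "| read as PKCS12:", parse_as_pkcs12(head))
```

Running it against both the .pfx and the existing tomcat.keystore shows which store type each file really is, so the -srcstoretype and -deststoretype values can be matched to the files.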