Knowledgebase: SSL Technical FAQs

Keytool Error for Failed to establish chain from reply

There are two possible causes for this error:

1. No root certificate for Keytool to chain to.

Keytool relies on a root certificates in order to install the certificate.

2. Error occurs because the JDK keystore is very particular about the format of the Certificate.

This error is related to the format the certificate has been downloaded in.


Please make sure you download the (default) PKCS#7 format certificate and import this into your keystore. JDK prefers this format, which contains a complete certificate chain and which includes your certificate, as well as the Signer's certificate (Root CA certificate).

(1922 vote(s))
Helpful
Not helpful
Comments (0)