Keytool unable to import certificate

Question

While trying to import a certificate I get an error that it could not be imported since the alias(tomcat) in this case was already present

$ keytool -import -v -alias tomcat -file tomcat.crt -keystore ../keystore -storepass changeit
keytool error: java.lang.Exception: Certificate not imported, alias <tomcat> already exists
java.lang.Exception: Certificate not imported, alias <tomcat> already exists
        at sun.security.tools.keytool.Main.addTrustedCert(Main.java:2644)
        at sun.security.tools.keytool.Main.doCommands(Main.java:1006)
        at sun.security.tools.keytool.Main.run(Main.java:340)
        at sun.security.tools.keytool.Main.main(Main.java:333)
pvaddepa.wb10d1.koala> (/web/home/wb10d1/companyCA)

When I try to find the alias I do not find it -

pvaddepa.wb10d1.koala> (/web/home/wb10d1/companyCA)
$ keytool -list -storepass changeit

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 1 entry

companycaroot, Feb 27, 2016, trustedCertEntry,
Certificate fingerprint (SHA1): 44:6C:91:DF:F9:D6:C4:D2:F6:74:0C:5E:7E:25:2B:61:A8:EF:97:A4

I have referred to a similar question on SO , but the result does not change even after deleting.

Answer 1

I think that you are not pointing to the same keystore. Can you add the keystore to open as a parameter to the keytool command? I mean:

keytool -list -storepass changeit -keystore ../keystore

By default, the key store used is .keystore and it is not equal as the keystore where you were trying to import the certificate (../keystore).

if you list the contents of your folder (/web/home/wb10d1/companyCA?), you will find a file called .keystore , but if you list the contents of the parent folder, you will find the keystore where the certificate with the alias tomcat really exists.