Create jks from crt and key and then configure Tomcat

I have received from my client *.crt, *.key and *.ca-bundle files and my environment uses jre7.

I need to create *.jks file to configure Tomcat7.

I read "Creating a .jks from a .crt and .key file, is that possible", but unfortunately, at the end, after this command

C:\Program Files\Java\jre7\bin>keytool -importkeystore -srckeystore C:\keystore\mykey.pfx -srcstoretype pkcs12 -srcalias 1 -srcstorepass mypass -destkeystore C:\keystore\local.jks -deststoretype jks -deststorepass mypass -destalias myAlias

I receive the error

keytool error: java.io.IOException: parseAlgParameters failed: DER input not an octet string

How can I generate jks file and avoid that error?

After the jks file is generated, I will move it into the ${TOMCAT_HOME}\conf folder.

Is this Tomcat configuration correct?

<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" 
    maxThreads="200" SSLEnabled="true" scheme="https" secure="true" 
    clientAuth="false" sslProtocol="TLSv1.2" keystoreFile="conf\local.jks" keystorePass="mypass" sslEnabledProtocols="TLSv1.2" />

Thanks in advance

There is 1 best solution below

As @dave_thompson_085 said, the problem was the openssl version. I installed version 1.1.1, and then the jks was created correctly.

To use the created jks in Tomcat, use this configuration:

<Connector SSLEnabled="true" clientAuth="false" keyAlias="myalias" keystoreFile="conf\myalias.jks" 
    keystorePass="mypassword" keystoreType="JKS" maxThreads="200" port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" 
    scheme="https" secure="true" sslProtocol="TLS"/>
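
The answer traces the keytool error to the OpenSSL version that built the .pfx. The script below is an added example, not code from the question or the answer: it lists the password-based encryption schemes inside a PKCS#12 file, assuming the failing file used the PBES2 scheme that OpenSSL 3.x writes by default and that the keytool in JRE 7 does not parse. The sample byte strings are constructed, and `read_tlv`, `find_schemes`, `tlv` and `sample` are names chosen for this example.

```python
import sys

# DER-encoded OIDs of PBE schemes seen in PKCS#12 files:
# 1.2.840.113549.1.12.1.3, 1.2.840.113549.1.12.1.6 and 1.2.840.113549.1.5.13
SCHEMES = {
    bytes.fromhex("2a864886f70d010c0103"): "pbeWithSHAAnd3-KeyTripleDES-CBC",
    bytes.fromhex("2a864886f70d010c0106"): "pbeWithSHAAnd40BitRC2-CBC",
    bytes.fromhex("2a864886f70d01050d"): "PBES2",
}

def read_tlv(buf, pos):
    """Return (tag, body, next_pos) for the DER element starting at pos."""
    tag, first = buf[pos], buf[pos + 1]
    pos, length = pos + 2, first
    if first > 0x80:  # long form: low 7 bits = number of length bytes
        n = first & 0x7F
        pos, length = pos + n, int.from_bytes(buf[pos:pos + n], "big")
    if first == 0x80 or pos + length > len(buf):
        raise ValueError("indefinite (BER) length or truncated element")
    return tag, buf[pos:pos + length], pos + length

def find_schemes(buf):
    """Walk the DER tree and return the known PBE scheme names in file order."""
    found, pos = [], 0
    while pos < len(buf):
        tag, body, pos = read_tlv(buf, pos)
        if tag == 0x06 and body in SCHEMES:
            found.append(SCHEMES[body])
        elif tag & 0x20:  # constructed: SEQUENCE, SET, [0] ...
            found += find_schemes(body)
        elif tag == 0x04:  # OCTET STRING: nested DER in a PFX, or opaque bytes
            try:
                found += find_schemes(body)
            except (ValueError, IndexError):
                pass  # salt, IV or ciphertext, not DER
    return found

def tlv(tag, *parts):  # short-form DER encoder, only for the constructed samples
    return bytes([tag, sum(map(len, parts))]) + b"".join(parts)

def sample(oid_hex, params):
    """Constructed data: OCTET STRING { SEQUENCE { AlgorithmIdentifier, ciphertext } }."""
    alg = tlv(0x30, tlv(0x06, bytes.fromhex(oid_hex)), tlv(0x30, params))
    return tlv(0x04, tlv(0x30, alg, tlv(0x04, b"\xde\xad\xbe\xef")))

LEGACY_SAMPLE = sample("2a864886f70d010c0103", tlv(0x04, b"saltsalt") + tlv(0x02, b"\x08\x00"))
PBES2_SAMPLE = sample("2a864886f70d01050d", tlv(0x30) + tlv(0x30))

if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else PBES2_SAMPLE
    print(find_schemes(data))
```

Run it with the path of the .pfx as its only argument. In the legacy scheme the algorithm parameters begin with an OCTET STRING salt, while PBES2 parameters begin with a nested SEQUENCE.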