}
try {
KeyTools.testKey(catoken.getPrivateKey(SecConst.CAKEYPURPOSE_CERTSIGN_NEXT), pk, catoken.getProvider());
// This was OK, so we must also activate the next
// signing key when importing this certificate
catoken.activateNextSignKey(tokenAuthenticationCode);
ca.setCAToken(catoken);
// In order to generate a certificate with this
// keystore we must make sure it is activated
ca.getCAToken().activate(tokenAuthenticationCode);
} catch (Exception e2) {