Apache tomcat ssl certificate9/1/2023 I am also confused what is cabundle.crt that comes with the email. I will really appreciate if someone could help me/providing instruction on how to proceed beyond step #5 to successfully install the certificate. To be honest I don’t want to try anything which I am not sure about it because it is a live server. If this is the case in which order I should copy and paste the certificates? This is where I am stuck and don’t know what to do, I assume I have to create a chain.pem with all the received certificates inside it. Keytool error: : Failed to establish chain from reply pem file in the email I have received and if I mydomain keystore]# sudo keytool -keystore mydomain.keystore -storepass keypassword -alias mydomain -import -file mydomain.crt. Import the certificate from email: As per wiki I need to import certificate.pem file Outcome: Certificate was added to keystore Import the sure server education certificate ‘sureserverDDU.pem’: mydomain keystore]# sudo keytool -keystore mydomain.keystore –storepass keypassword -importcert -file sureserverEDU.pem -trustcacerts -alias sureserveredu Outcome: Certificate already exists in system-wide CA keystore under alias Do you still want to add it to your own keystore? : yes Certificate was added to keystore Import the root certificate ‘ct_r’ : mydomain keystore]#sudo keytool -keystore mydomain.keystore -storepass keypassword -importcert -file ct_r -trustcacerts -alias globalsignroot The following files are attached into email I received yesterdayĬabundle.cert (What is this? No mention of it in the Wiki)Īs per information from other source I downloaded two other files into keystore folder To create SSL certificate request: sudo keytool -storepass keypassword -keystore mydomain.keystore -certreq -keyalg RSA -file mydomain.csr -alias Īfter successful executing both the commands I got two files keystore folder - mydomain.keystore - mydomain.csr Sudo keytool -storepass keypassword -keyalg RSA -keysize 2048 -keystore mydomain.keystore -genkey -alias mydomain I created a folder name keystore ( /user/local/apache-tomcate-6.0.35/keystore) Tomcat location: /user/local/apache-tomcate-6.0.35 I've added the new certificate to the certificate to the key store. We ended up purchasing a verisigin certificate for that server. Recently an issue arose where just having the client 'Accept/trust' our certificate wasn't easy. I am about to install/update/upgrade a SSL certificate in one of the servers which has the following configuration Sever information: Sever version: Apache Tomcat/6.0.35 OS version: Linux 2.6.18-371.6.1.el5 Architecture: amd64 JVM 5 I configured tomcat with SSL successfully and was using a self-signed certificate.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |