yourkeystore.jks is the actual name/path of the keystore file.root.crt is the actual name/path of your CA root certificate.root is the alias of the imported CA root certificate.Keytool -import -trustcacerts -alias root -file root.crt -keystore yourkeystore.jks Step 2: Import the filesįollow the below steps in the given order to import the files properly. It may come in handy if you encounter the “ keytool error: java.langException: Failed to establish chain from reply” error.
APACHE TOMCAT 8 ENABLE SSL DOWNLOAD
Here is the dedicated page with download links if you only need the CA bundle. You can download the certificate files from your Namecheap account along with the CA bundle. The above list is composed in reverse order on purpose as this is the exact order in which the certificates should be imported to the keystore. Note: The “AAA Certificate Services” is only installed if you chose the CA Bundle containing the cross-signed certificate. Here is an example of a JSSE connector for port 443 using the HTTP/1.1 protocol with TLS up to 1.3 enabled: It will most likely be in /opt/tomcat/conf/server.xml or /etc/tomcat/server.xml You can find the location of the directory containing the server.xml configuration file by issuing this command: The modification should be done in the ‘Tomcat installation directory’/conf/server.xml file. In the next step, you will need to modify the connector for the default port 8443 or 443. Otherwise, the “ Input not an X.509 certificate” error may take place.Īfter you have imported successfully, you should receive the following output:Ĭertificate reply was installed in keystore Step 2: Edit SSL Configuration
Make sure the certificate file has the same alias used for creating the keystore.
0 kommentar(er)
