I am doing the jetty SSL configuration
.
I have created CSR using keytool which has added a private key to the keystore,
Received the certificate based on the CSR, converted the certificate to DER format and imported the certificate into the keystore as trustcacerts
The signed certificate has the root/intermediate certificates in the certificate path
I also installed the root and intermediate certificate in the IE under the trusted root certificate after converting it into DER format.
while using https , the browser shows certificate error and considers the certificate as self signed certificate.
Question
Does this mean the the installed signed certificate is not considered since the certificate does not have the Root/intermediate certificate in the certificate path?
Though the signed certificate received from the CA have the link to the root/intermediate certificate in the certificate path.
Please suggest if anything is wrong in the process . Adding the keytool commands followed for this.
Created keystore
keytool -keystore serverdns.keystore -alias server -genkey -keyalg RSA
-keysize 2048
create CSR
keytool -certreq -alias server -keystore serverdns.keystore -file
server.csr
installing signed certificate
keytool -import -trustcacerts -alias cert -keystore serverdns.keystore
-file signedcert.der.cer
I have tried using the same alias 'server' while installing the signed certificate but it failed with the error
keytool error: java.lang.Exception: Failed to establish chain from
reply
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…