setting-up ssl certificate on Tomcat: Invalid chain
|July 5, 2013||Posted by forumadmin under TechQns||
I’m trying to set-up a Thawte 123SSL certificate on my server but i’ve lost the original keystore used to generate the CSR. However I have the .p12 file with the private key and the .crt, so I created a new keystore using the sentence:
keytool -importkeystore -srckeystore file.p12 -srcstoretype pkcs12 -destkeystore /path/to/keystore.jks
After that, I added the intermediate CA certificates as:
keytool -import -alias Primary -trustcacerts -file SSL123_PrimaryCA.pem -keystore keystore.jks
keytool -import -alias Secondary -trustcacerts -file SSL123_SecondaryCA.pem -keystore keystore.jks
Then I added a Connector port to my server.xml
I think that’s all, but when I check the status with Thawte Certificate Checker https://search.thawte.com/support/ssl-digital-certificates/index?page=content&id=SO9555 failed due to Invalid Chain:
Please install or replace the following intermediate CA certificates
on your Web or Application server and perform this test again.
So.. what exactly am I doing wrong? How can I fix that?
Thanks for any advice!
|Asked By – user2552868||Read Answers|