I am running a java web app on windows 2019 server and need some help getting 
the SSL certificate installed into my keystore.

I am running tomcat 9.x and java 11

I am able to generate a certificate request using both keytool and/or openssl

For both the CSR file looks like this, but the openssl also generates a private 
key xxx.



-----BEGIN NEW CERTIFICATE REQUEST-----

MIIC2TCCAcECAQAwZDELMAkGA1UEBhMCdXMxCzAJBgNVBAgTAm1hMRAwDgYDVQQH

-----END NEW CERTIFICATE REQUEST-----



Private key from OPENSSL

-----BEGIN PRIVATE KEY-----

MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQC5EqmuGM9nRQ5n

-----END PRIVATE KEY-----



I use the CSR to submit a request to my company's certificate server and I am 
able to download 2 files in DER format

[cid:image002.png@01DAB26D.E0B15B70]

The downloaded certificate has a name certnew.cer, the downloaded chain 
certificate has a name cernew.p7b and both appear to be binary because when I 
open them in notepad++ they are unreadable

Not sure how I go about importing converting and importing these into my 
keystore using keytool.

The documenation is confusing to me as to what needs to be done.

https://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html  the section on 
importing the certificate does nto go into how to convert or merge the 
certificate or the certificate chain and also does not say anyting about a 
private keyfile

Has anyone out there done this consistenly and successfully.

Thanks for the help

mark

Reply via email to