I am running a java web app on windows 2019 server and need some help getting
the SSL certificate installed into my keystore.
I am running tomcat 9.x and java 11
I am able to generate a certificate request using both keytool and/or openssl
For both the CSR file looks like this, but the openssl also generates a private
key xxx.
-----BEGIN NEW CERTIFICATE REQUEST-----
MIIC2TCCAcECAQAwZDELMAkGA1UEBhMCdXMxCzAJBgNVBAgTAm1hMRAwDgYDVQQH
-----END NEW CERTIFICATE REQUEST-----
Private key from OPENSSL
-----BEGIN PRIVATE KEY-----
MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQC5EqmuGM9nRQ5n
-----END PRIVATE KEY-----
I use the CSR to submit a request to my company's certificate server and I am
able to download 2 files in DER format
[cid:image002.png@01DAB26D.E0B15B70]
The downloaded certificate has a name certnew.cer, the downloaded chain
certificate has a name cernew.p7b and both appear to be binary because when I
open them in notepad++ they are unreadable
Not sure how I go about importing converting and importing these into my
keystore using keytool.
The documenation is confusing to me as to what needs to be done.
https://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html the section on
importing the certificate does nto go into how to convert or merge the
certificate or the certificate chain and also does not say anyting about a
private keyfile
Has anyone out there done this consistenly and successfully.
Thanks for the help
mark
