I'm having a problem installing a new SSL certificate on a GoDaddy-hosted
server running Tomcat. Any suggestions for resolving it would be appreciated.
I set up the server last year and installed the SSL certificate with no
problem. This year, after the original certificate expired, I downloaded the
new certificate provided by GoDaddy, removed the old certificate files from the
keystore, and installed the new ones. Now Tomcat is throwing a
"java.io.IOException: jsse.alias_no_key_entry" exception when it tries to open
the HTTPS connector. I also tried rebuilding the keystore from scratch and
requesting a new certificate, but am getting the same exception with that
certificate.
These are the commands I used to obtain and install the certificate:
sudo keytool -genkey -alias tomcat -keyalg RSA -keystore keystore.jks
sudo keytool -certreq -keyalg RSA -alias tomcat -file certreq.csr -keystore
keystore.jks
(--request and obtain certificate files from GoDaddy--)
sudo keytool -import -alias root -keystore keystore.jks -trustcacerts -file
gdcerts/gdroot-g2.crt
sudo keytool -import -alias inter -keystore keystore.jks -trustcacerts -file
gdcerts/gd_bundle-g2-g1.crt
sudo keytool -import -alias tomcat -keystore keystore.jks -file
gdcerts/xxxxxxxxxxxx.crt
And this is the Tomcat configuration for the connector:
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true">
<SSLHostConfig>
<Certificate certificateKeystoreFile="conf/keystore.jks"
type="RSA" certificateKeystorePassword="xxxxxx" />
</SSLHostConfig>
</Connector>
