![]() ![]() % openssl pkcs12 -export -in my.crt -inkey my.key -chain -CAfile ca-certs.pem -name "" -out my.p12 % cat /etc/ssl/cert.pem my-ca-file.crt > ca-certs.pem If you get the following error message "Error unable to get issuer certificate getting chain." then you should concatenate the openssl ca-certs with your own ca-cert into one file and use that as parameter for -CAfile.Be sure to set an export password! (see further below for an explanation).% openssl pkcs12 -export -in my.crt -inkey my.key -chain -CAfile my-ca-file.crt -name "" -out my.p12 Export your key, certificate and ca-certificate into a PKCS12 bundle via.There are several methods that you can use but I found the following the most simple: ![]() ![]() In the latter case you'll have to import your shiny new certificate and key into your java keystore. "normal" http servers and tomcat or other java based servers. In some cases you may have a mixed infrastructure e.g. From time to time you have to update your SSL keys and certificates. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |