Unable to create chained SSL certificate

Question

i am trying to upgrade the SSL certificate on my Jira server. Currently, it is working absolutely fantastic with correct chained certificates.

The certificates are provided by the customers and appear to be valid.

I have one root, two intermediates and one domain certificate.

I followed this:

1. Generate new keystore with alias of mydomain
2. import root certificate
3. import inter1 certificate
4. import inter2 certificate
5. import mydomain certificate

I tried importing the certificate other way round too but no success.

The site works with SSL error and doesn't show the chained information of the certificate in any case.

Please help!

Thanks Aditya

Answer 1

I found the answer myself and my team after a lot of investigation. Ensure that you have the correct domain to root certificate before doing any update. Below are the steps I executed for a successful certificate upgrade.

1. Create a keystore on your server.
2. Generate .csr to request the certificate
3. Client will send this .csr to the CA authority who is responsible for generating the chain certificate
4. Once you get chain certificate, import one by one from root certificate to domain certificate in the keystore
5. Follow the steps for installing the keystore on tomcat
6. Restart the tomcat
7. Test.
8. Vote up, if it helps :)