Setting up two-way ssl with Certificate authority [closed]

https://stackoverflow.com/questions/23677408

23-07-2023
|

Pergunta

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.

This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.

Closed 9 years ago.

Improve this question

I've set up a jetty (9.2.0.M1) hosted application.

I've configured jetty to run a two-way SSL with the following setup:

 server.keystore - contains server private key and is self signed.
 server.truststore - contains clients certs that should be trusted.

This is working and when I hit https://127.0.0.1 in my browser where I have a valid certificate it works.

I'm now trying to do this without my own signed certificate. To do this I set up a DNS (lets say exampleDNS.com and created a certificate sign request server.csr that I sent to the CA-vendor.

I've got a mail back with the certificate to use and I included that into the server.keystore.

However: when I now hit https://exampleDNS.com the server still present the self signed certificate instead of validating it by the CA.

I'm probably missing something here but I can't really understand what I'm doing wrong.

Do I need to include root certificate of the specific CA-vendor into keystore/truststore?

Solução

If I were you I would try to repeat process one more time. And make sure you import Root cert first, Intermediate second and trial last. And last one should have the same alias as you used when created private key. I probably can't suggest anything else, sorry.

Licenciado em: CC-BY-SA com atribuição

Não afiliado a StackOverflow