LinuxQuestions.org - How to add Certificate to Apache Tomcat

- Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)

- - How to add Certificate to Apache Tomcat (https://www.linuxquestions.org/questions/linux-server-73/how-to-add-certificate-to-apache-tomcat-4175457519/)

How to add Certificate to Apache Tomcat

Hello,
i get two file .pfx and .crt . now i want to import it to my apache tomcate server for my website https , for example i have a website (http://test.com) no i want https://test.com

any Suggestion,

Quote:

Originally Posted by hesisaboury (Post 4928313)

Google has lots of how-tos...like these:
http://www.apache.com/resources/how-...ate-on-apache/
http://www.digicert.com/ssl-certific...ion-apache.htm

Did you try to look this up??

Thank u TB0ne
i use apache tomcat and it's different with apache , in apache i can use crt,pub and prv pem but in apache tomcat i have to use .jks and other things .. i googled too but tried many ways but i did not get answer yet .

any suggestion

Quote:

Originally Posted by hesisaboury (Post 4928629)

Spell out your words, please. And if you did try to look this up, you'd have found answers. Can you tell us which "many ways" you've tried, from what links?? Putting "how to add ssl certificate to tomcat" pulls up this, as the VERY FIRST HIT, from the Tomcat site, with examples.
http://tomcat.apache.org/tomcat-3.3-...ssl-howto.html

Hello,
i followed this : (for info i bought ssl and i have two file .pfx and .cer)
keytool -importkeystore -srckeystore [xx.p12] -srcstoretype pkcs12 -srcalias [domainname] -destkeystore [domainname.jks] -destkeystore jks -deststorepass [xxx] -desalias [domainname]

this command add ssl to my apache tomcat but one my my webmail features (attachement) does not work .. before that i used self signed certificate with no problem.....that is my problem

i also create .pfx file and .cer then imported to jks ... failed

ERRORs :
11 Apr 2013 06:25:49[ERROR] test - SendMailService.log(38) javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Quote:

Originally Posted by hesisaboury (Post 4929647)

...which is NOT what you posted originally. And where did you get that command, and WHICH webmail system are you using, on what version/distro of Linux???

Quote:

i also create .pfx file and .cer then imported to jks ... failed

Again, you need to provide details. HOW did you import them, with which command(s)/to where?

Quote:

ERRORs :
11 Apr 2013 06:25:49[ERROR] test - SendMailService.log(38) javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

...and AGAIN, just trying to look up the error brings up LOTS of solutions, if you bothered to look:
http://www.mkyong.com/webservices/ja...uested-target/
https://blogs.oracle.com/gc/entry/un..._certification

Thank u TB0ne
Finally solved
i create .p12 using
http://dragotown.com/2005/08/creatin...using-openssl/
and add .crt to java cacerts (here was my problem)
keytool -import -alias domainname -file xx.crt -keystore "$JAVA_HOME/jre/lib/security/cacerts" -storepass xxx