Situation
A client bought a new Certificate and needed to have it installed.
Solution
- make sure that the certificate is not borked: there should be a newline between —-BEGIN CERTIFICATE— and the data.
-
If necessary, convert to DER format:
openssl x509 -in myCert -out myCert.der -outform DER
-
Import intermediate certs with different alias than the one used for your own cert:
keytool -keystore theKeyStore -alias thawte_intermediate -import -file thawte_int.der -trustcacerts
-
Import your new cert
keytool -keystore theKeyStore -import -file _new_cert.der -trustcacerts
Resources:
- http://www.modssl.org/docs/2.8/ssl_faq.html#ToC36
- http://community.igniterealtime.org/thread/39868
- http://wiki.zimbra.com/wiki/4.x_Commercial_Certificates_Guide
- http://docs.codehaus.org/display/JETTY/How+to+configure+SSL