Fail to Import Ssl Certificate

2012-08-10

Situation

A client bought a new Certificate and needed to have it installed.

Solution

  1. make sure that the certificate is not borked: there should be a newline between —-BEGIN CERTIFICATE— and the data.
  2. If necessary, convert to DER format:

    openssl x509 -in myCert -out myCert.der -outform DER

  3. Import intermediate certs with different alias than the one used for your own cert:

    keytool -keystore theKeyStore -alias thawte_intermediate -import -file thawte_int.der -trustcacerts

  4. Import your new cert

    keytool -keystore theKeyStore -import -file _new_cert.der -trustcacerts

Resources:

  • http://www.modssl.org/docs/2.8/ssl_faq.html#ToC36
  • http://community.igniterealtime.org/thread/39868
  • http://wiki.zimbra.com/wiki/4.x_Commercial_Certificates_Guide
  • http://docs.codehaus.org/display/JETTY/How+to+configure+SSL

Subcategories

  • Errors

    Descriptions of error messages and possible solutions

  • Little Goblin

    Posts about Little Goblin, the Grails based open source browser game engine and its reference implementation.

    The home page of Little Goblin is littlegoblin.de