09-24-2018, 04:36 PM
I am trying to replace the default SSL certificate with a valid cert for our organization. I see that there are two keystores in the YDMP Tomcat folder: dm,jks and temp.jks.
dm.jks works as expected with the typical warnings, temp.jks will not work at all and I can't even add an exception in Firefox to allow me to use it. Since I would prefer to not have any certificate warnings at all I would like to replace the cert with a wildcard for our domain.
When I try and follow the instructions in the manual:
Openssl pkcs12 –export –in dm.drt –inkey dm.key –out dm.p12 –name dm
I cannot find the files dm.drt and dm.key on my system.
If I build a brand new keystore using our wildcard certificate Tomcat will not load afterwards.
If I add our wildcard cert to the existing keystore and then activate it I get a error about the server not having any protocols to communicate with which tells me that simply replacing the localhost alias cert in the keystore with my own either missed a step or its incompatible with the current tomcat subsystem.
Any guidance would be appreciated.
dm.jks works as expected with the typical warnings, temp.jks will not work at all and I can't even add an exception in Firefox to allow me to use it. Since I would prefer to not have any certificate warnings at all I would like to replace the cert with a wildcard for our domain.
When I try and follow the instructions in the manual:
Openssl pkcs12 –export –in dm.drt –inkey dm.key –out dm.p12 –name dm
I cannot find the files dm.drt and dm.key on my system.
If I build a brand new keystore using our wildcard certificate Tomcat will not load afterwards.
If I add our wildcard cert to the existing keystore and then activate it I get a error about the server not having any protocols to communicate with which tells me that simply replacing the localhost alias cert in the keystore with my own either missed a step or its incompatible with the current tomcat subsystem.
Any guidance would be appreciated.