rvalle commented on issue #4199: URL: https://github.com/apache/cloudstack/issues/4199#issuecomment-681740102
Here is the working configuration, in case you find it useful: - jetty-9.4.31.v20200723 - openjdk version "11.0.8" 2020-07-14 the keystore created like this: ``` - name: Generate PKCS#12 file openssl_pkcs12: action: export path: jetty.pkcs12 friendly_name: jetty privatekey_path: Test_Server_Key.pem certificate_path: VDC_Test_Server.crt other_certificates: - VDC_Test_Intermediate_CA.crt - VDC_Test_CA.crt state: present passphrase: Secret - name: Generate Java Key Store shell: keytool -importkeystore -srckeystore jetty.pkcs12 -srcstoretype PKCS12 -destkeystore keystore ``` Which is basically the same thing that jetty documentation says but in ansible commands I got stuck in the vanilla jetty configuration becuase I had to set the keystore password at 3 different places and I have to enable 2 different modules: - java -jar start.jar --add-to-start=ssl,https to enable the modules - jetty.sslContext.keyStorePassword - jetty.sslContext.keyManagerPassword - jetty.sslContext.trustStorePassword but after that it works and the cert chain reported to the browser is correct. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org