On Mon, Jan 25, 2010 at 10:19:26PM +0000, Brian Candler wrote: > I have a problem getting Jboss to present a chain of certificates to a > client. > > The situation is this: the server has a certificate signed by an > intermediate (subsidiary) CA, and the subsidiary CA has a certificate signed > by a root CA.
For the benefit of the list: I have solved this problem now. The trick is to import all the certificates at once under the same alias. Concatenate the PEM files into a single file, then import this combined file in one go: keytool -import -noprompt -trustcacerts -alias "xxxx" \ -file allcerts.pem -keystore server.keystore -storepass "yyyy" The clue I got was from "keytool -list -v" which showed "certificate chain length" as an attribute of the entry. Regards, Brian. _______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
