Hello,
I solved my problem. It was not a problem with OM but with my eyes.
It's curious, you look ten times at the same word and then - hanky panky
- you see that there are characters in wrong order.
My mistake, no question.
Maybe anybody will help this:
At the moment I use letsencrypt-certificates on my server with a handful
of domains with a lot of subdomains.
As GUI I use Plesk and for the letsencrypt-certificates I use a Addin
for Plesk. This Addin will automatically update when it is time.
Nice!
One of the differences is that plesk store the certificates in other
pqath than /etc...
Here my step-by-step-manual
1.) delete (or rename) OM/conf/keystore.jks
delete (or rename) OM/conf/truststore.jks
Note:
Please replace "YOURDOMAIN" with the Domain-Name you want to use (I use
a subdomain)
Please replace "OM-DIRECTORY" with the directory where your OM is
You have to type three times the Password. Use "password".
2.)
cd /opt/"OM-DIRECTORY"/conf
openssl pkcs12 -export -in
/opt/psa/var/modules/letsencrypt/etc/live/"YOURDOMAIN"/cert.pem -inkey
/opt/psa/var/modules/letsencrypt/etc/live/"YOURDOMAIN"/privkey.pem -out
red5.p12 -name red5 -certfile
/opt/psa/var/modules/letsencrypt/etc/live/"YOURDOMAIN"/chain.pem
keytool -importkeystore -srcstorepass password -srckeystore red5.p12
-srcstoretype PKCS12 -deststorepass password -destkeystore keystore.jks
-alias red5
keytool -import -alias root -keystore keystore.jks -trustcacerts -file
/opt/psa/var/modules/letsencrypt/etc/live/om.abakus-progs.de/chain.pem
keytool -importkeystore -srckeystore keystore.jks -destkeystore
keystore.jks -deststoretype pkcs12
cp keystore.jks truststore.jks
I am not sure if the line
/keytool -importkeystore -srckeystore keystore.jks -destkeystore
keystore.jks -deststoretype pkcs12/
is really necessary. I get a appropriate notice so I search a solution.
Maybe it is not necessary, but it works in my case.
This evening I am one of the happiest creature on our planet!
(Tomorow I have a look on an automatically Update-Skript when the
certificates will extended.)
Tomorrow is a new day with new solutions.
With best regards,
Rene
Am 25.11.2017 um 11:09 schrieb Maxim Solodovnik:
Hello Rene,
I'm not sire why only ipv6 is being listen
Do you have any issues during connect?
WBR, Maxim
(from mobile, sorry for the typos)
On Nov 25, 2017 03:51, "Rene Scholz"
<[email protected]
<mailto:[email protected]>> wrote:
Hello,
@Maxim: thank you very much for the link. With this help I had
implenented the letsencrypt-keys.
After editing the "jee-container.xml" my OM only listening at tcp6.
When I make a "netstat -plnt|grep 5443" I see
tcp6 0 0 :::5443 :::* LISTEN 2028/java
There is no access at https with port 5443. But the http at port
5080 is further in function.
What I forget? is it not necessayry to listen the "tcp"?
Best regards,
Rene
