> Gene,
> On 3.1.2014 14:55, Gene Matthews wrote:
> > Thie symantec instructions say to ensure the alias for the ssl cert has an 
> > Entry Type of PrivateKeyEntry.  Mine DOES NOT.  Instructions say if it does 
> > not, to please import the certificate in the “Private Key” alias.
> With JKS keystore you must keep private key and certificates in the same 
> keystore.
MG>Since A pfx that Verisign provides contains key and cert
MG>"Windows servers use .pfx files to contain the public key files (your SSL
 Certificate files, provided by DigiCert) and MG>the associated private key
 file (generated by your server as part of the CSR).
MG>perhaps you are referring to the key/certificate combination in pfx?

 Therefore, you shouldn't import server certificate and inter. 
> certificates into brand new keystore, but into the "old" keystore -- the 
> one you used to create key pair, and to generate CSR.
MG>CSR is the request to CA Authority (verisign ) to sign (digitally identify) 
this certificate 
MG> certificate signing request (also CSR or certification request) is a 
message sent from an applicant to a MG>certificate authority in order to apply 
for a digital identity certificate. The most common format for CSRs is the 
MG>PKCS#10 specification
> I find it strange that Symantec/Verisign didn't mention that explicitly 
> in their documentation.
> > It also says to ensure the Certificate chain length is 4.
> Once you import certificates into the right keystore, check that again.
> > PS:  How does one search the archives of this list?  When I browse the 
> > archive site I don’t see a search field anywhere.  So I’ve been googling 
> > without coming up with a solution. it is probably out there but I don’t 
> > know enough to recognize it :-(
> Search for "Archives".
> -Ognjen
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

Reply via email to