Hello, In fact I read this command from my certificate provider's installation guideline.
It gives us these 3 commands: keytool -import -trustcacerts -alias ROOT -file root.crt -keystore NEWkeystore keytool -import -trustcacerts -alias INTER -file inter.crt -keystore NEWkeystore keytool -import -trustcacerts -alias your_alias_name -file sslcert.crt -keystore NEWkeystore $myServerCert is the certificate that we received from our CA. We created no self-signed certificate issued by ourselves, but only a private key in the beginning. Tapio Niemi wrote: > > Hi, > > Taking a quick look at this, i believe this is the part that goes wrong > >> keytool -import -trustcacerts -alias $myAlias -file $myServerCert >> -keystore $myKeyStoreFileName > > It looks to me that you are importing a certificate that is supposed to > be your server certificate as if it were a certificate authority > certificate. Plus perhaps using a wrong alias, as the alias used needs > to be the same which was used for generating the key and csr. > > What in your case would most propably work, is > > keytool -import -alias tomcat -keystore $myKeyStoreFileName -file > $myServerCert > > Feel free to translate this to any language of your choosing :) > > Cheers, > > -Tapio > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > > -- View this message in context: http://old.nabble.com/Certificate-issued-by-GeoTrust-Global-CA-is-not-appearing-at-client-browser%27s-side-tp32855051p32862604.html Sent from the Tomcat - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
