The title of the question is a mouthful, but I am trying to configure a Go Daddy SSL cert which I purchased for my domain on AWS. I purchased the domain myapp.com
(not the real name) from AWS, and then I configured myapp.myapp.com
as a record set in Route 53 to point to an EC2 instance, which in turn is running the actual Tomcat server which I expect users would be hitting. In other words, this is the site used to hit the app/website, and I have confirmed that it works and is reachable.
I purchased an SSL cert from Go Daddy for myapp.myapp.com
. I followed the instructions to import the root, intermediate, and issued certificates (3 in total) into my Java keystore. Then, I configured my Tomcat server.xml
to use this keystore. I am not certain that I did this correctly, or in the correct order, if that matters. In any case, when I try to hit the address
https://myapp.myapp.com:8443/
I get the following error on Chrome:
Your connection is not private
NET::ERR_CERT_AUTHORITY_INVALID
Can anyone shed some light on what I might be doing wrong here? Go Daddy's customer support, while free, does not offer this level of tech support. I could go with AWS, but they tend to charge enterprise rates.
An ideal answer would include, at least as an outline, the following steps:
- How to import the Go Daddy certs into my Java keystone
- How to configure Tomcat server.xml properly to use the keystore
- Sanity checks along the way, which someone else with a similar problem would be able to use
Here are the three certs which Go Daddy returned to me:
c4c170b79c58acc3.crt (root?)
gd_bundle-g2-g1.crt (intermediate?)
gdig2.crt.pem (primary/issued?)
I am not sure which of these certs are root, intermediate, and issued, but this SO question would label them as I have above.