1
votes

I know this might look familiar, but I assure everyone that I have checked and re-run all the answers, and still I can't use my valid GoDaddy SSL certificate. Here are the steps I've taken to make and use a keystore in a Spring Boot application. I appreciate any suggestion or comment on this post.

  1. I downloaded the certificate package from my GoDaddy account, the one for the Tomcat option (I haven't generated and submitted a CSR; I just used the one pre-generated by GoDaddy). The package contains the following set of files.

    • gd_bundle-g2-g1.crt (Intermediate Certificate)
    • [Random_Hex].crt (Root Certificate)
    • gdig2.crt.pem (public key)
  2. Using the above files and keytool, I generated a keystore by running the following commands:

    • keytool -import -trustcacerts -alias intermediate -file gd_bundle-g2-g1.crt -keystore mydomain.jks
    • keytool -import -trustcacerts -alias mydomain.com -file <randomhex>.crt -keystore mydomain.jks
    • keytool -importkeystore -srckeystore mydomain.jks -destkeystore mydomain.p12 -srcstoretype JKS -deststoretype PKCS12 -deststorepass Password -srcalias mydomain.com -destalias mydomain
  3. Putting the .p12 file generated in the previous step into the "resources" path of my Spring Boot project and updating the application.properties file as follows, I expected the project to run and expose my web application over HTTPS.

server.ssl.enabled=true
server.ssl.key-store-type=PKCS12
server.ssl.key-store=classpath:mydomain.p12
server.ssl.key-store-password=Password
server.ssl.key-password=Password
server.ssl.key-alias=mydomain.com
  4. But no matter which config I use or how many times I recreate the keystore, I get the error below.

org.apache.catalina.LifecycleException: Protocol handler start failed
    at org.apache.catalina.connector.Connector.startInternal(Connector.java:1008) ~[tomcat-embed-core-9.0.22.jar:9.0.22]
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183) ~[tomcat-embed-core-9.0.22.jar:9.0.22]
    at org.apache.catalina.core.StandardService.addConnector(StandardService.java:227) ~[tomcat-embed-core-9.0.22.jar:9.0.22]
    at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.addPreviouslyRemovedConnectors(TomcatWebServer.java:263) ~[spring-boot-2.1.7.RELEASE.jar:2.1.7.RELEASE]
    at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.start(TomcatWebServer.java:195) ~[spring-boot-2.1.7.RELEASE.jar:2.1.7.RELEASE]
    at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.startWebServer(ServletWebServerApplicationContext.java:297) ~[spring-boot-2.1.7.RELEASE.jar:2.1.7.RELEASE]
    at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.finishRefresh(ServletWebServerApplicationContext.java:163) ~[spring-boot-2.1.7.RELEASE.jar:2.1.7.RELEASE]
    at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:552) ~[spring-context-5.1.9.RELEASE.jar:5.1.9.RELEASE]
    at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:141) ~[spring-boot-2.1.7.RELEASE.jar:2.1.7.RELEASE]
    at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:743) ~[spring-boot-2.1.7.RELEASE.jar:2.1.7.RELEASE]
    at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:390) ~[spring-boot-2.1.7.RELEASE.jar:2.1.7.RELEASE]
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:312) ~[spring-boot-2.1.7.RELEASE.jar:2.1.7.RELEASE]
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:1214) ~[spring-boot-2.1.7.RELEASE.jar:2.1.7.RELEASE]
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:1203) ~[spring-boot-2.1.7.RELEASE.jar:2.1.7.RELEASE]
    at com.pincha.patient.MyApp.main(MyApp.java:10) ~[classes/:na]
Caused by: java.lang.IllegalArgumentException: jsse.alias_no_key_entry
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:99) ~[tomcat-embed-core-9.0.22.jar:9.0.22]
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:71) ~[tomcat-embed-core-9.0.22.jar:9.0.22]
    at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:218) ~[tomcat-embed-core-9.0.22.jar:9.0.22]
    at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1124) ~[tomcat-embed-core-9.0.22.jar:9.0.22]
    at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1210) ~[tomcat-embed-core-9.0.22.jar:9.0.22]
    at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:585) ~[tomcat-embed-core-9.0.22.jar:9.0.22]
    at org.apache.catalina.connector.Connector.startInternal(Connector.java:1005) ~[tomcat-embed-core-9.0.22.jar:9.0.22]
    ... 14 common frames omitted
Caused by: java.io.IOException: jsse.alias_no_key_entry
    at org.apache.tomcat.util.net.SSLUtilBase.getKeyManagers(SSLUtilBase.java:325) ~[tomcat-embed-core-9.0.22.jar:9.0.22]
    at org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:247) ~[tomcat-embed-core-9.0.22.jar:9.0.22]
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:97) ~[tomcat-embed-core-9.0.22.jar:9.0.22]
    ... 20 common frames omitted

1
This is not a keystore, it is a truststore. There is no private material; this is just a chain of trust back to the GoDaddy root CA. In order for it to be a keystore there must be a key pair which includes a private key that only you have and a public key which contains your server's domain name(s) signed by a GoDaddy CA. This is what the CSR is - you generate this key pair and then ask GoDaddy to sign it. TL;DR: you need a key pair. - Boris the Spider
@BoristheSpider Thanks, your point is correct. I had to go back to the first step and generate the CSR. If you post your comment as a new post in this thread, I'll mark it as the correct answer. - Majid

1 Answer

2
votes

@Boris the Spider:

This is not a keystore, it is a truststore. There is no private material; this is just a chain of trust back to the GoDaddy root CA. In order for it to be a keystore there must be a key pair which includes a private key that only you have and a public key which contains your server's domain name(s) signed by a GoDaddy CA. This is what the CSR is - you generate this key pair and then ask GoDaddy to sign it. TL;DR: you need a key pair.
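As an added example (not from the question or the answer), a small pre-flight check in the project's own language that applies the same test Tomcat applies before failing with jsse.alias_no_key_entry: the configured alias must be a PrivateKeyEntry, not the trustedCertEntry that keytool -import of a .crt file produces. It takes the store path, password and alias from the question's application.properties and assumes the .p12 is reachable as a file on disk; the hypothetical helper name hasUsableKeyEntry is mine, and it also catches the alias mismatch visible in the question (-destalias mydomain versus key-alias=mydomain.com).

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;

public class KeyStoreCheck {

    // Hypothetical helper: true only when `alias` is a key entry whose private key
    // matches the public key of the first (leaf) certificate in its chain.
    static boolean hasUsableKeyEntry(KeyStore ks, String alias, char[] keyPassword) throws Exception {
        if (!ks.containsAlias(alias)) {           // e.g. key-alias=mydomain.com but store holds "mydomain"
            System.out.println("alias '" + alias + "' is not present in the keystore");
            return false;
        }
        if (ks.isCertificateEntry(alias)) {       // what `keytool -import -file x.crt` creates
            System.out.println("alias '" + alias + "' is a trustedCertEntry: no private key");
            return false;
        }
        Key key = ks.getKey(alias, keyPassword);
        Certificate[] chain = ks.getCertificateChain(alias);
        if (!(key instanceof PrivateKey) || chain == null || chain.length == 0) {
            System.out.println("alias '" + alias + "' has no private key or no certificate chain");
            return false;
        }
        // Prove the private key belongs to the leaf certificate: sign, then verify with the cert's public key.
        X509Certificate leaf = (X509Certificate) chain[0];
        String sigAlg = "EC".equals(key.getAlgorithm()) ? "SHA256withECDSA" : "SHA256withRSA";
        byte[] probe = "keystore-check".getBytes(StandardCharsets.UTF_8);
        Signature sig = Signature.getInstance(sigAlg);
        sig.initSign((PrivateKey) key);
        sig.update(probe);
        byte[] signed = sig.sign();
        sig.initVerify(leaf.getPublicKey());
        sig.update(probe);
        boolean matches = sig.verify(signed);
        System.out.println("leaf subject: " + leaf.getSubjectX500Principal()
                + ", chain length: " + chain.length + ", key matches cert: " + matches);
        return matches;
    }

    public static void main(String[] args) throws Exception {
        String path = args.length > 0 ? args[0] : "src/main/resources/mydomain.p12"; // assumed on-disk path
        char[] storePass = "Password".toCharArray();                                 // from application.properties
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = new FileInputStream(path)) { ks.load(in, storePass); }
        for (String a : Collections.list(ks.aliases()))
            System.out.println(a + " -> " + (ks.isKeyEntry(a) ? "PrivateKeyEntry" : "trustedCertEntry"));
        System.exit(hasUsableKeyEntry(ks, "mydomain.com", storePass) ? 0 : 1);
    }
}
```

A store that passes this check is built with keytool -genkeypair (which creates the private key), keytool -certreq (the CSR sent to GoDaddy), and then keytool -importcert of the CA's signed reply under that same alias; the chain-only imports shown in the question never create a key entry.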