0
votes

I was trying to install an SSL certificate on a WildFly application server hosted on an AWS EC2 instance. I purchased the SSL certificate from GoDaddy and downloaded the SSL certificate zip from the GoDaddy portal, which consists of the following: 1. gd_bundle-g2-g1.crt 2. gdig2.crt.pem 3. 70c350d31695.crt 4. 70c350d31695.pem

I created a keystore and imported the certificates into the keystore with the following commands:

keytool -genkey -alias wildfly -keyalg RSA -keystore wildfly.jks

keytool -import -alias root -keystore wildfly.jks -trustcacerts -file 70c350d31695.crt

keytool -import -alias intermed -keystore wildfly.jks -trustcacerts -file gd_bundle-g2-g1.crt

I also did the configuration in WildFly as follows, in standalone.xml:

<security-realm name="SslRealm">
      <server-identities>
         <ssl>
            <keystore path="/home/centos/ssl/newssl/wildfly.jks" alias="wildfly" keystore-password="OHGv216TZDhbd" />
          </ssl>
      </server-identities>
  </security-realm>

and
  <https-listener name="default-ssl" socket-binding="https" security-realm="SslRealm"/> 

But after restarting the application, the keystore is recognized but the HTTPS certificates are not recognized. When I double-click on the certificate in the browser, it has only the keystore information, not the certificate information. Please help me to fix this.

In the browser, the certificate error looks like the following: [image]

1
You cannot obtain certificate(s) from a CA and then create the privatekey (and keystore). You must FIRST create the privatekey, THEN the CSR, THEN obtain the certificate(s), and import to the already-existing keystore -- and the existing privatekey entry, for the leaf cert. See the instructions at godaddy.com/help/… and neardupe stackoverflow.com/questions/41316340/… – dave_thompson_085

1 Answer

1
votes

You need a single entry, I think, in your keystore with all the details. You might find it easier using KSE (https://keystore-explorer.org/) rather than the CLI.
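
A way to check for the condition the comment and the answer describe, as an added example that is not part of the original thread: the function classifies one alias from `keytool -list -v` output and flags a key entry that still holds only its self-signed certificate. The function name, the result labels and both sample listings are constructed for illustration.

```bash
# Added example. Reads `keytool -list -v` text on stdin and classifies one alias.
# Real use: keytool -list -v -keystore wildfly.jks | check_alias wildfly
check_alias() {
  awk -v want="$1" '
    /^Alias name: /               { cur = substr($0, 13); next }
    cur != want                   { next }
    /^Entry type: /               { type = substr($0, 13) }
    /^Certificate chain length: / { len = $NF }
    /^Owner: /  && owner == ""    { owner = substr($0, 8) }   # first cert listed is the leaf
    /^Issuer: / && issuer == ""   { issuer = substr($0, 9) }
    END {
      if (type == "")                     print "MISSING"
      else if (type != "PrivateKeyEntry") print "NOT_A_KEY_ENTRY"
      else if (owner == issuer)           print "SELF_SIGNED"   # CA reply never imported here
      else if (len + 0 < 2)               print "LEAF_ONLY"     # intermediates missing
      else                                print "OK"
    }'
}

# Constructed sample: key generated first, CA files imported under other aliases.
sample_broken() {
  cat <<'EOF'
Alias name: wildfly
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=Unknown, OU=Unknown, O=Unknown
Issuer: CN=Unknown, OU=Unknown, O=Unknown

Alias name: root
Entry type: trustedCertEntry
Owner: CN=www.example.test
Issuer: CN=Example Issuing CA
EOF
}
# Constructed sample: CA reply imported under the key entry's own alias.
sample_fixed() {
  cat <<'EOF'
Alias name: wildfly
Entry type: PrivateKeyEntry
Certificate chain length: 3
Certificate[1]:
Owner: CN=www.example.test
Issuer: CN=Example Issuing CA
Certificate[2]:
Owner: CN=Example Issuing CA
Issuer: CN=Example Root CA
EOF
}
```

`SELF_SIGNED` on the alias named in the `<keystore>` element means the server presents the certificate generated with the key, not the CA-issued one.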