Homepage: http://www.drh-consultancy.demon.co.uk______________________________________________________________________ OpenSSL Project http://www.openssl.orgUser Support Mailing List Sorry...Please supply a document ID for the article you are searching for. Got some help from people smarter than I, and here are the steps we took to create the keystore needed to make this setup work. share|improve this answer edited Mar 13 '14 at 21:01 answered Mar 13 '14 at 20:56 Leos Literak 3,41462563 add a comment| Your Answer draft saved draft discarded Sign up or http://globalcryptonews.com/unable-to/verify-return-code-20-unable-to-get-local-issuer-certificate-windows.html
I am using TeamCity which itself uses Tomcat, perhaps the Tomcat included in TeamCity does not include the needed files. share|improve this answer edited Nov 24 '11 at 16:32 answered Nov 14 '11 at 13:06 Heinzi 2,19911843 would you happen to have found a cleaner solution to this? I have private key the certificate the primary and secondary CA:s from RapidSSL (as pem, pkcs7 and separate .crt) https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&id=AR1548 I can get it working on an apache server with the cat intermediate.crt /etc/ssl/certs/ca-certificates.crt > allcacerts.crt openssl pkcs12 -export -chain -CAfile allcacerts.crt -in customercert.cer \ -inkey customercert.key -out customercert.keystore -name tomcat -passout \ pass:changeit This successfully created the keystore file.
If anyone finds this thread and wants to know how it was fixed, here are the steps we used: 1. I > can't seem to find anything that will lead me to a resolution. and other countries. It also thinks the certificate is untrusted. –Sandra Jan 15 '13 at 16:19 How do I "add the individual certificates? –Sandra Jan 15 '13 at 16:21 Instead
Golf a Numerical Growing Braid How to make a shell read the whole script before executing it? If you have received this information in error, please notify the sender immediately and arrange for the prompt destruction of the material and any accompanying attachments. Depowering a high AC PC without killing the rest of the group How to make a shell read the whole script before executing it? Create Pkcs12 Keystore From Private Key And Public Certificate There is some information on how to do this is found at http://conshell.net/wiki/index.php/OpenSSL_to_Keytool_Conversion_tips.
Not the answer you're looking for? My midrange friends are on vacation for a > while, so I'm on my own. when i appended"-chain" to the above openssl command, i got the error "Error unable toget local issuer certificate getting chain." so i chose to go without itand try the subsequently generated http://stackoverflow.com/questions/8120690/tomcat-doesnt-deliver-intermediate-certificate-https more stack exchange communities company blog Stack Exchange Inbox Reputation and Badges sign up log in tour help Tour Start here for a quick overview of the site Help Center Detailed
from windows box, i grab another copy of Kallen at Sep 22, 2004 at 12:57 am ⇧ On Tue, 21 Sep 2004, Dennis Dai wrote:I was able to export a p12 Comodo Root Certificate Henson. My midrange friends are on vacation for > > a while, so I'm on my own. SSL Certificates Symantec™ Trust Centre Sign In Symantec™ Safe Site Symantec™ Trust Centre Sign In Code Signing Code Signing Portal for Microsoft Windows Mobile Sign In(Requires a valid Administrator ID.) Partners
fwiw, i've seen tips out there on converting thepkcs12 format into JKS. https://community.sophos.com/kb/120076 My midrange friends are on vacation for > a while, so I'm on my own. Error Unable To Get Local Issuer Certificate Getting Chain Openssl i'm hoping not to go that route.thanks in advance,[email protected] is that which, when you stop believing in it, doesn't go away.- Philip K. Tomcat Intermediate Certificate Can the product of two nonsymmetric matrices be symmetric?
What is the purpose of the AT-ACT? Check This Out If you have received this information in error, please notify the sender immediately and arrange for the prompt destruction of the material and any accompanying attachments. > > > > ______________________________________________________________________ Steinmetz Mar 9 '13 at 0:26 3 I found that I needed to add -certfile [intermediate cert] to the pkcs12 -export command. Please help if you can. > Thank you. > > I suspect there were two certificates in the chain before and now there are three or the previous intermediate file included Keytool -genkey -alias Tomcat -keyalg Rsa
FOURPROC blog about archives Create a SSL keystore for a Tomcat server using Openssl June 23, 2010 An SSL certificate was required for one of our customers. Tomcat Ssl Configuration same error:SEVERE: Error initializing endpointjava.io.IOException: Unable to verify MAC.at com.ibm.crypto.provider.PKCS12KeyStore.engineLoad(Unknown Source)at java.security.KeyStore.load(KeyStore.java:695)at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocket Factory.java:278)[email protected]: 650.616.6708Reality is that which, when you stop believing in it, doesn't go away.- Philip K. i'm hoping tosucceed with this, and not end up using apache+SSL in front of tomcat,tho i can.
Step 1: Select a product SSL Certificates Support Symantec™ Safe Site Support Code Signing Support Digital IDs for Secure Email Support Managed PKI Support Managed PKI for SSL Support VIP Authentication This information is intended solely for use by the individual or entity to whom it is addressed. asked 3 years ago viewed 781 times active 3 years ago Blog Stack Overflow Gives Back 2016 Developers, Webmasters, and Ninjas: What’s in a Job Title? How To Install Ssl Certificate In Tomcat 7 the players: linux, tomcat-5.0.27, IBMJava2-141, cert CSR generatedwith openssl, not keytool.
Run the following command to convert the pkcs12 file to a JKS format: java -classpath jetty-6.1.3/lib/jetty-6.1.3.jar org.mortbay.jetty.security.PKCS12Import keystore.pkcs12 keystore.jks Enter input keystore passphrase: CantGuess Enter output keystore passphrase: CantGuess Alias 0: Please help if you can. > Thank you. > > I suspect there were two certificates in the chain before and now there are three or the previous intermediate file included The > error I'm getting is: > "unable to get local issuer certificate getting chain" > > My setup is on a Windows server using Tomcat, with Apache. http://globalcryptonews.com/unable-to/unable-to-build-a-valid-certificate-chain-for-the-signer.html Works in FF and Chrome though. –Sandra Jan 15 '13 at 16:07 Interesting.