Export SSL Cert from IIS and import into GlassFish keystore
Posted
by
Tim H
on Server Fault
See other posts from Server Fault
or by Tim H
Published on 2011-01-10T15:52:22Z
Indexed on
2011/01/10
15:55 UTC
Read the original article
Hit count: 404
What I need: I have an existing SSL certificate installed on IIS 6. On the same machine, I have GlassFish installed and would like to share the same certificate since they both share the same hostname, and they use different ports: IIS uses 443 and GlassFish uses 8181.
Why I need it: Reuse existing SSL certs from IIS to GlassFish. I imagine that this is possible. I am able to install an SSL cert into GlassFish's keystore, and then import the same exact cert into IIS. I just want to go the other way - imagine having an SSL cert on IIS being used for months, and now I want to enable SSL on GlassFish.
What I have done:
- Created a keystore with an alias: server.hostname.com
- Imported intermediate CA certs associated with the existing SSL Cert
- Imported the existing SSL cert with the same alias: server.hostname.com, but the keytool won’t allow this, as it is not associated: keytool error: java.lang.Exception: Public keys in reply and keystore don't match Why? Using a different alias causes the cert to not be trusted in the CA chain.
© Server Fault or respective owner