Export SSL Cert from IIS and import into GlassFish keystore

Posted by Tim H on Server Fault See other posts from Server Fault or by Tim H
Published on 2011-01-10T15:52:22Z Indexed on 2011/01/10 15:55 UTC
Read the original article Hit count: 404

Filed under:
|
|
|
|

What I need: I have an existing SSL certificate installed on IIS 6. On the same machine, I have GlassFish installed and would like to share the same certificate since they both share the same hostname, and they use different ports: IIS uses 443 and GlassFish uses 8181.

Why I need it: Reuse existing SSL certs from IIS to GlassFish. I imagine that this is possible. I am able to install an SSL cert into GlassFish's keystore, and then import the same exact cert into IIS. I just want to go the other way - imagine having an SSL cert on IIS being used for months, and now I want to enable SSL on GlassFish.

What I have done:

  • Created a keystore with an alias: server.hostname.com
  • Imported intermediate CA certs associated with the existing SSL Cert
  • Imported the existing SSL cert with the same alias: server.hostname.com, but the keytool won’t allow this, as it is not associated: keytool error: java.lang.Exception: Public keys in reply and keystore don't match Why? Using a different alias causes the cert to not be trusted in the CA chain.

© Server Fault or respective owner

Related posts about iis

Related posts about ssl