Hi.
Could anyone help me in the SSL configuration of GoDaddy certificates using keytool
We went through Servoys documentation of SSL configuration
Step 1: (No problem with step 1)
- Create a Certificate Signing Request (CSR) using keytool. Enter the command:
keytool -genkey -alias sslkey -keyalg RSA -keystore servoy.ks -validity 360
Enter the command:
keytool -certreq -alias sslkey -keyalg RSA -file servoy.csr -keystore servoy.ks
Step 2:(No problem with step 2)
- Browse to http://www.instantssl.com (We used godaddy and select Other for the software used to generate it)
Click Instant SSL button (top right, under Free SSL), or click Free SSL to test all this first before paying for it. If you chose Instant SSL select your duration (1, 2, or 3 years)
(MAKE SURE THIS VALIDITY IS SHORTER THAN THE VALIDITY YOU CHOSE ABOVE, OTHERWISE YOU ARE PAYING FOR MORE THAN YOU WILL GET!!!)
Copy the contents of the servoy.csr file into the form where it says to copy your CSR to. Select OTHER for the software used to generate it.
Step 3: (Problem with Step 3)
- Import the signed .crt file which you received from Instant SSL into your keystore:
keytool -import -alias sslkey -keystore servoy.ks -trustcacerts -file servoy.crt
Error we got on step 3:
keytool error: Failed to establish chain from reply
I did research on this error and it says that we need to import the root/intermediate certificates in order to successfully execute Step 3.
On the Godaddy site if we are installing the certificates with Tomcat we get the root/intermediate certificates but when we select “Others” we don’t get any.
When i just for testing purposes imported the root/intermediate certificates for Tomcat and then executed Step 3, it did create the keystore file, otherwise i get the error.
Basically we need help on the last step.
Really appreciate if somebody could share their experience on SSL configuration using keytool
Regards
James