I'm super frustrated - and just wanted to see if you had any ideas.... I have a server running swimmingly well with an SSL certificate that expired.
I'm working with an educational institution - so I tried just importing the updated cert into the keystore - but no good.
SO I created a new keystore:
- Code: Select all
keytool -genkey -alias servoy -keyalg RSA -keysize 2048 -keystore C:\servoy_ssl_certs\servoy.jks
Then converted to pkcs12:
- Code: Select all
keytool -importkeystore -srckeystore C:\servoy_ssl_certs\servoy.jks -destkeystore C:\servoy_ssl_certs\servoy.jks -deststoretype pkcs12
I created a new CSR:
- Code: Select all
keytool -certreq -alias servoy -file C:\servoy_ssl_certs\servoy2.csr -keystore C:\servoy_ssl_certs\servoy.jks
I got the certificate (with all the intermediates in there) - and added to the keystore:
- Code: Select all
keytool -import -trustcacerts -alias servoy2021 -file C:\servoy_ssl_certs\procom_ctsi_ucla_edu.cer -keystore C:\servoy_ssl_certs\servoy.jks
In the server.xml - I already correctly had this added:
- Code: Select all
<Connector port="80" protocol="HTTP/1.1"
maxThreads="500" connectionTimeout="60000"
redirectPort="443"
compression="4096"
compressableMimeType="text/html,text/xml,text/plain,text/javascript,text/css" />
<Connector port="443"
maxThreads="500"
connectionTimeout="60000"
scheme="https"
secure="true"
SSLEnabled="true"
keystoreFile = "C:/servoy_ssl_certs/servoy.jks"
keystorePass="mypassword"
clientAuth="false" sslProtocol="TLS"
/>
I then went into the servoy.properties and replaced all the encrypted passwords with plain text (including the keystore password);
Then I started the server with no errors.
But it refuses to use https - event though on the Nework Settings is says "SSL initialized ok."
Any ideas?