• Status: Open
  • Priority: Low
  • Security: Public
  • Views: 51
  • Last Modified:

Tomcat SSL Certificate issue-SAP Business Objects

Hi,

I have configured SSL in tomcat,i am able to access the server using https.

But i am getting the certificate error.I have create below files to resolve the issue.
 1)keystore.jks
2)tomcat.keystore
3)xxxx.csr

From certficate authority i have created certnew.cer and certnew.p7b.

I opened certnew.p7b and used sub and root certficate to create root.cer and root1.cer.bacically i converted the root certificates format to base 64 encoded x.509

Then i used below commands to sent the two certificates to keystore.

keytool -import -trustcacerts -alias Root -file "D:\XXXXXXX\root.cer" -keystore "D:\xxxxxxxx\tomcat.keystore"

keytool -import -trustcacerts -alias Root1 -file "D:\XXXXXXX\root1.cer" -keystore "D:\xxxxxxxx\tomcat.keystore"

then i merged the server certificate by using below command

keytool -import -trustcacerts -alias biuser -file "D:\XXXXX\certnew.cer" -keystore "D:\xxxxxx\tomcat.keystore"

I have modified my server.xml file in tomcat as attached. (PFA)


i got a message that certificate key was installed to keystore,but still iam getting certificate error.
0
vikram kalyan
Asked:
vikram kalyan
  • 2
4 Comments
 
David Johnson, CD, MVPOwnerCommented:
what is the error and if you view the certificate are the results as expected?
0
 
vikram kalyanAuthor Commented:
I am able to access the website without any CERTIFICATE issue by accessing below url

https://ABCEFGH.org:8443

We created a network DSN for URL redirection (ABCEFGH.org-->XYZ.org)

https://XYZ.org:8443 (Here i am getting the certificate error,do i need to create a certificate for redirected name XYZ.org)

Thanks for your response
0
 
David Johnson, CD, MVPOwnerCommented:
https://XYZ.org:8443 (Here i am getting the certificate error,do i need to create a certificate for redirected name XYZ.org)
you need to add a subject alternative name that has the redirected name
0
 
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
Give your exact URL, so tools can be used to test your SSL config.

Trying to debug SSL problems... theoretically rarely works... Being able to probe your config, will likely provide the answer quickly.
0

Join & Write a Comment

Featured Post

What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now