Tomcat SSL Certificate issue-SAP Business Objects

Hi,

I have configured SSL in tomcat,i am able to access the server using https.

But i am getting the certificate error.I have create below files to resolve the issue.
 1)keystore.jks
2)tomcat.keystore
3)xxxx.csr

From certficate authority i have created certnew.cer and certnew.p7b.

I opened certnew.p7b and used sub and root certficate to create root.cer and root1.cer.bacically i converted the root certificates format to base 64 encoded x.509

Then i used below commands to sent the two certificates to keystore.

keytool -import -trustcacerts -alias Root -file "D:\XXXXXXX\root.cer" -keystore "D:\xxxxxxxx\tomcat.keystore"

keytool -import -trustcacerts -alias Root1 -file "D:\XXXXXXX\root1.cer" -keystore "D:\xxxxxxxx\tomcat.keystore"

then i merged the server certificate by using below command

keytool -import -trustcacerts -alias biuser -file "D:\XXXXX\certnew.cer" -keystore "D:\xxxxxx\tomcat.keystore"

I have modified my server.xml file in tomcat as attached. (PFA)


i got a message that certificate key was installed to keystore,but still iam getting certificate error.
vikram kalyanAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David Johnson, CD, MVPOwnerCommented:
what is the error and if you view the certificate are the results as expected?
0
vikram kalyanAuthor Commented:
I am able to access the website without any CERTIFICATE issue by accessing below url

https://ABCEFGH.org:8443

We created a network DSN for URL redirection (ABCEFGH.org-->XYZ.org)

https://XYZ.org:8443 (Here i am getting the certificate error,do i need to create a certificate for redirected name XYZ.org)

Thanks for your response
0
David Johnson, CD, MVPOwnerCommented:
https://XYZ.org:8443 (Here i am getting the certificate error,do i need to create a certificate for redirected name XYZ.org)
you need to add a subject alternative name that has the redirected name
0
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
Give your exact URL, so tools can be used to test your SSL config.

Trying to debug SSL problems... theoretically rarely works... Being able to probe your config, will likely provide the answer quickly.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SSL / HTTPS

From novice to tech pro — start learning today.