SSL Help Please

Eight Stars

SSL Help Please

Hello:
I generated a new SSL certificate from CA. It was delievered as .pem file. I converted it to .der file (so that it can be imported into jks)

openssl x509 -outform der -in mycertificate.pem -out mycertificate.der


I used following command to import the certificate into a new keystore:

keytool -import -alias push -keystore mykeystore.jks -file mycertificate.der



When I see the contents of the jks file, I see my imported certificate correctly:

keytool -keystore mykeystore.jks -list



Now, I edited the <karaf container>/etc/org.ops4j.pax.web.cfg

org.osgi.service.http.port=8040
org.osgi.service.http.port.secure=9001
org.osgi.service.http.secure.enabled=true
org.ops4j.pax.web.ssl.keystore=/path_to_mykeystore.jks
org.ops4j.pax.web.ssl.keypassword=<my keystore password>


I restarted the container. When I am accessing the web console at:
https://<mydomain>:9001/system/console nothing shows up. I see that 9001 port is not listening on my side. What am I doing wrong here?

 

Also, I am not seeing any logs in Runtime container logs.

Thanks in advance.

Eight Stars

Re: SSL Help Please

Turns out I did not import the private key in the keystore.

I ended up with:
openssl pkcs12 -export -inkey privkey.pem -in fullchain.pem -name push -out push.p12

keytool -importkeystore -srckeystore push.p12 -srcstoretype pkcs12 -destkeystore push.jks

After that, it worked. However, I am still trying to figure out how to get my REST service is HTTPS enabled.

2019 GARNER MAGIC QUADRANT FOR DATA INTEGRATION TOOL

Talend named a Leader.

Get your copy

OPEN STUDIO FOR DATA INTEGRATION

Kickstart your first data integration and ETL projects.

Download now

What’s New for Talend Summer ’19

Watch the recorded webinar!

Watch Now

Talend API Designer – Technical Overview

Take a look at this technical overview video of Talend API Designer

Watch Now

Getting Started with APIs

Find out how to get started with APIs

Read