Seven Stars

SSL Help Please

I generated a new SSL certificate from CA. It was delievered as .pem file. I converted it to .der file (so that it can be imported into jks)

openssl x509 -outform der -in mycertificate.pem -out mycertificate.der

I used following command to import the certificate into a new keystore:

keytool -import -alias push -keystore mykeystore.jks -file mycertificate.der

When I see the contents of the jks file, I see my imported certificate correctly:

keytool -keystore mykeystore.jks -list

Now, I edited the <karaf container>/etc/org.ops4j.pax.web.cfg

org.ops4j.pax.web.ssl.keypassword=<my keystore password>

I restarted the container. When I am accessing the web console at:
https://<mydomain>:9001/system/console nothing shows up. I see that 9001 port is not listening on my side. What am I doing wrong here?


Also, I am not seeing any logs in Runtime container logs.

Thanks in advance.

Seven Stars

Re: SSL Help Please

Turns out I did not import the private key in the keystore.

I ended up with:
openssl pkcs12 -export -inkey privkey.pem -in fullchain.pem -name push -out push.p12

keytool -importkeystore -srckeystore push.p12 -srcstoretype pkcs12 -destkeystore push.jks

After that, it worked. However, I am still trying to figure out how to get my REST service is HTTPS enabled.