SSL Help Please

Eight Stars

SSL Help Please

Hello:
I generated a new SSL certificate from CA. It was delievered as .pem file. I converted it to .der file (so that it can be imported into jks)

openssl x509 -outform der -in mycertificate.pem -out mycertificate.der


I used following command to import the certificate into a new keystore:

keytool -import -alias push -keystore mykeystore.jks -file mycertificate.der



When I see the contents of the jks file, I see my imported certificate correctly:

keytool -keystore mykeystore.jks -list



Now, I edited the <karaf container>/etc/org.ops4j.pax.web.cfg

org.osgi.service.http.port=8040
org.osgi.service.http.port.secure=9001
org.osgi.service.http.secure.enabled=true
org.ops4j.pax.web.ssl.keystore=/path_to_mykeystore.jks
org.ops4j.pax.web.ssl.keypassword=<my keystore password>


I restarted the container. When I am accessing the web console at:
https://<mydomain>:9001/system/console nothing shows up. I see that 9001 port is not listening on my side. What am I doing wrong here?

 

Also, I am not seeing any logs in Runtime container logs.

Thanks in advance.

Eight Stars

Re: SSL Help Please

Turns out I did not import the private key in the keystore.

I ended up with:
openssl pkcs12 -export -inkey privkey.pem -in fullchain.pem -name push -out push.p12

keytool -importkeystore -srckeystore push.p12 -srcstoretype pkcs12 -destkeystore push.jks

After that, it worked. However, I am still trying to figure out how to get my REST service is HTTPS enabled.

Cloud Free Trial

Try Talend Cloud free for 30 days.

Tutorial

Introduction to Talend Open Studio for Data Integration.

Definitive Guide to Data Integration

Practical steps to developing your data integration strategy.

Definitive Guide to Data Quality

Create systems and workflow to manage clean data ingestion and data transformation.