1 Reply Latest reply on Nov 13, 2013 4:51 AM by jfclere

Installing a signed certificate to JBoss (Https)

mandarbk Nov 12, 2013 11:08 AM

I am trying to install a signed certificate and hope to use it for my further https communication from external clients.

Here is the process I am following,

1) This Creates a trustedCertEntry in myapp.keystore.

keytool -importcert -file mike.cert -alias mikekey -keypass mikepass -keystore myapp.keystore -storetype JKS -storepass myapppass –noprompt

2) Change the password of the key by using following command to ensure that key password matches the keystore password.

keytool -keypasswd -keystore myapp.keystore -storepass myapppass -storetype JKS -alias mikekey -keypass mikepass -new myapppass

That generates the error,

"keytool error: java.lang.Exception: Alias <mikekey> has no key"

Server startup fails: "Error initializing endpoint: java.io.IOException: Alias name mikekey does not identify a key entry".

3) Changing the keystore password to match the key password did not help either.

Server start-up still throws up an error, “Alias name mikekey does not identify a key entry

4) Standalone.xml has following configuration which works well with my own self-signed certificate.

<connector enable-lookups="false" name="https" protocol="HTTP/1.1" scheme="https" secure="true" socket-binding="https">

<ssl certificate-key-file="${jboss.server.config.dir}/myapp.keystore" key-alias="mikekey" name="ssl" password="myapppass" protocol="ALL" verify-client="false"/>

</connector>

We are using JBoss AS 7.2.

Any pointers ?

Is there any documentation that provides a guideline to go about installing a signed certificate into JBoss ?

1. Re: Installing a signed certificate to JBoss (Https)

jfclere Nov 13, 2013 4:51 AM (in response to mandarbk)

It seems you have something wrong with certificate and the keys.
Are you sure you use the right key pair to generate the certificate request you get signed?
What does keytool --list output?
Actions