Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

WSO2 IS: How to add SSL Certificate

Tags:

certificate

ssl

ssl-certificate

wso2

wso2-identity-server

I've done following steps

  1. Create keystore:

    keytool -genkey -alias wso2carbon -keyalg RSA -keystore wso2carbon.jks -keysize 2048

  2. Crete certificate request:

    keytool -certreq -alias wso2carbon -keystore wso2carbon.jks -storepass wso2carbon

  3. Bought Comodo PositiveSSL certificate

  4. Import all certificates to newly created keystore - wso2carbon.jks:

    keytool -import -alias root -keystore wso2carbon.jks -trustcacerts -file AddTrustExternalCARoot.crt -storepass wso2carbon

keytool -import -alias intermediate1 -keystore wso2carbon.jks -trustcacerts -file COMODORSAAddTrustCA.crt -storepass wso2carbon

keytool -import -alias intermediate2 -keystore wso2carbon.jks -trustcacerts -file COMODORSADomainValidationSecureServerCA.crt -storepass wso2carbon

keytool -import -alias domain.com -keystore wso2carbon.jks -trustcacerts -file domain_com.crt -storepass wso2carbon

  5. Copied wso2carbon.jks to {CARBON_HOME}/repository/resources/security/ and overwrite the old one.

  6. Restarted WSO2 IS. WHen I inspect with prowser it says in Certificate hiararchy only domain.com is present.

In general I followed this tutorial https://docs.wso2.com/display/AS521/Creating+New+Keystores#CreatingNewKeystores-Creatingakeystoreusinganewcertificate

like image 514
zarej Avatar asked Oct 08 '16 21:10

zarej

People also ask

How do I add an SSL certificate?

In the Websites and Domains section for the domain name you want to use, click SSL/TLS Certificates. Click Add SSL Certificate. Enter a Certificate name, complete the fields in the Settings section, and then click Request. Click the name of the certificate you added to Plesk.

1 Answers

I've found the solution:

At point 3 I needed to put the same alias like in point 1 for last import - domain.com:

keytool -import -alias wso2carbon -keystore wso2carbon.jks -trustcacerts -file domain_com.crt -storepass wso2carbon

Now it works great with web browsers but when access with Android it is still not trusted, but that is for another topic.

like image 175
zarej Avatar answered Oct 21 '22 20:10

zarej
Sign in to Comment

Related questions

SSL connection reuse with Android HttpClient
Overriding the SSL Trust Manager in Android
QT ssl error on hotmail.com: The issuer certificate of a locally looked up certificate could not be found
Glassfish 3.1.2.2 behind an SSL terminating load balancer
How can I let users visit amazon s3 html/javascript pages through my custom domain?
"Received fatal alert: handshake_failure" when trying to connect to https web service
HttpClient: ssl handshake on every request
SSL - only allow specific clients or servers (Java truststore)
How to accept SSL connection in one process and reuse the same SSL context in another process
.NET The request was aborted: Could not create SSL/TLS secure channel
Net::HTTP extremely slow responses for HTTPS requests
Connect to FTP TLS 1.2 Server with ftplib
Can't connect from JAVA to Mongo SSL Replica Set
Enable TLSv1.2 in apache 2.2.22
Flask-Python redirection to https The connection was reset
SSL on Google Compute Engine with nodejs
Owin self host SSL connection reset
'Missing PFX or certificate + private key.' in https socket.io
nodejs app accessible on port 3000 behind nginx reverse proxy
AttributeError: 'module' object has no attribute 'sslwrap'

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!