Home > Others

OpenSSL generates a CSR file, converting CRT and key files to jks files under Tomcat

Source: Internet
Author: User
Tags pkcs12 in domain
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

OpenSSL req-new-newkey rsa:2048-nodes-keyout 1dottea.com.key-out DOMAIN.COM.CSR


This command will generate 2 files: 1 CSR files and one key file

Domain.com.csr

Domain.com.key



Copy and paste the contents of the CSR file into GoDaddy and click Apply.


After successful application, the download will get a zip package, I choose the other type (no nginx server, so choose the other).


There are 2 files in the compressed package that resemble the following

313fd7ca5877f128.crt

Gd_bundle-g2-g1.crt


Execute the following command:


Cat 313fd7ca5877f128.crt gd_bundle-g2-g1.crt > DOMAIN.COM.CRT


This time the resulting CRT files and key files can get nginx under the configuration used.


===================================================================================



However, if you want to convert the CRT files and key files at this time to the Keystone file used under Tomcat, you need to take advantage of the following two commands.

[email protected] tomcat]# OpenSSL pkcs12-export-in domain.name.crt-inkey domain.name.key-out mycert.p12-name Tomcat -cafile Domain.name.crt-caname Root-chain
Enter Export Password:
Verifying-enter Export Password:


[Email protected] tomcat]# keytool-importkeystore-v-srckeystore mycert.p12-srcstoretype pkcs12-destkeystore Tomcat. Keystore-deststoretype JKs
Enter Destination KeyStore Password:
Re-enter new password:
Enter Source KeyStore Password:
Entry for alias Tomcat successfully imported.
Import command completed:1 entries successfully imported, 0 entries failed or cancelled
[Storing Tomcat.keystore]


These 2 commands are thanks to the author of the following article:

Http://www.oschina.net/question/2266279_221175?sort=time



The configuration in Tomcat is as follows:



<connector port= "8443" protocol= "Org.apache.coyote.http11.Http11Protocol"

Maxthreads= "150"

Sslenabled= "true"

Scheme= "https"

Secure= "true"

Clientauth= "false"

Sslprotocol= "TLS"

Keystorefile= "/root/ssl/tomcat/tomcat.keystore"

Keystorepass= "123456"

/>


This code would have been commented out, uncomment it, and then modify it.

Then enter the address in the browser:

Https://www.domain.name:8443/webapp_name


So you can see the green of expectation.


After the test, completely normal.

This article from "Leboit" blog, declined reprint!

OpenSSL generates a CSR file, converting CRT and key files to jks files under Tomcat

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
openssl create private key and csr openssl generate csr and private key openssl generate private key and csr csr files csr to crt online openssl read crt file crt to p12 openssl

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More