OpenSSL req-new-newkey rsa:2048-nodes-keyout 1dottea.com.key-out DOMAIN.COM.CSR
This command will generate 2 files: 1 CSR files and one key file
Copy and paste the contents of the CSR file into GoDaddy and click Apply.
After successful application, the download will get a zip package, I choose the other type (no nginx server, so choose the other).
There are 2 files in the compressed package that resemble the following
Execute the following command:
Cat 313fd7ca5877f128.crt gd_bundle-g2-g1.crt > DOMAIN.COM.CRT
This time the resulting CRT files and key files can get nginx under the configuration used.
However, if you want to convert the CRT files and key files at this time to the Keystone file used under Tomcat, you need to take advantage of the following two commands.
[email protected] tomcat]# OpenSSL pkcs12-export-in domain.name.crt-inkey domain.name.key-out mycert.p12-name Tomcat -cafile Domain.name.crt-caname Root-chain
Enter Export Password:
Verifying-enter Export Password:
[Email protected] tomcat]# keytool-importkeystore-v-srckeystore mycert.p12-srcstoretype pkcs12-destkeystore Tomcat. Keystore-deststoretype JKs
Enter Destination KeyStore Password:
Re-enter new password:
Enter Source KeyStore Password:
Entry for alias Tomcat successfully imported.
Import command completed:1 entries successfully imported, 0 entries failed or cancelled
These 2 commands are thanks to the author of the following article:
The configuration in Tomcat is as follows:
<connector port= "8443" protocol= "Org.apache.coyote.http11.Http11Protocol"
This code would have been commented out, uncomment it, and then modify it.
Then enter the address in the browser:
So you can see the green of expectation.
After the test, completely normal.
This article from "Leboit" blog, declined reprint!
OpenSSL generates a CSR file, converting CRT and key files to jks files under Tomcat