Hello Rene, I'm glad everything works as expected and thanks for sharing!
On Sun, Nov 26, 2017 at 3:23 AM, Rene Scholz < rene.sch...@abakus-edv-systems.de> wrote: > Hello, > > I solved my problem. It was not a problem with OM but with my eyes. > > It's curious, you look ten times at the same word and then - hanky panky - > you see that there are characters in wrong order. > My mistake, no question. > > Maybe anybody will help this: > At the moment I use letsencrypt-certificates on my server with a handful > of domains with a lot of subdomains. > As GUI I use Plesk and for the letsencrypt-certificates I use a Addin for > Plesk. This Addin will automatically update when it is time. > Nice! > > One of the differences is that plesk store the certificates in other pqath > than /etc... > > Here my step-by-step-manual > 1.) delete (or rename) OM/conf/keystore.jks > delete (or rename) OM/conf/truststore.jks > > Note: > Please replace "YOURDOMAIN" with the Domain-Name you want to use (I use a > subdomain) > Please replace "OM-DIRECTORY" with the directory where your OM is > You have to type three times the Password. Use "password". > > 2.) > cd /opt/"OM-DIRECTORY"/conf > openssl pkcs12 -export -in > /opt/psa/var/modules/letsencrypt/etc/live/"YOURDOMAIN"/cert.pem > -inkey /opt/psa/var/modules/letsencrypt/etc/live/"YOURDOMAIN"/privkey.pem > -out red5.p12 -name red5 -certfile /opt/psa/var/modules/ > letsencrypt/etc/live/"YOURDOMAIN"/chain.pem > keytool -importkeystore -srcstorepass password -srckeystore red5.p12 > -srcstoretype PKCS12 -deststorepass password -destkeystore keystore.jks > -alias red5 > keytool -import -alias root -keystore keystore.jks -trustcacerts -file > /opt/psa/var/modules/letsencrypt/etc/live/om.abakus-progs.de/chain.pem > keytool -importkeystore -srckeystore keystore.jks -destkeystore > keystore.jks -deststoretype pkcs12 > cp keystore.jks truststore.jks > > I am not sure if the line > *keytool -importkeystore -srckeystore keystore.jks -destkeystore > keystore.jks -deststoretype pkcs12* > is really necessary. I get a appropriate notice so I search a solution. > Maybe it is not necessary, but it works in my case. > > This evening I am one of the happiest creature on our planet! > (Tomorow I have a look on an automatically Update-Skript when the > certificates will extended.) > Tomorrow is a new day with new solutions. > > With best regards, > > Rene > > > > > > > > > > Am 25.11.2017 um 11:09 schrieb Maxim Solodovnik: > > Hello Rene, > I'm not sire why only ipv6 is being listen > Do you have any issues during connect? > > WBR, Maxim > (from mobile, sorry for the typos) > > On Nov 25, 2017 03:51, "Rene Scholz" <rene.sch...@abakus-edv-systems.de> > wrote: > >> Hello, >> >> @Maxim: thank you very much for the link. With this help I had >> implenented the letsencrypt-keys. >> >> After editing the "jee-container.xml" my OM only listening at tcp6. >> >> When I make a "netstat -plnt|grep 5443" I see >> tcp6 0 0 :::5443 :::* LISTEN 2028/java >> >> There is no access at https with port 5443. But the http at port 5080 is >> further in function. >> >> What I forget? is it not necessayry to listen the "tcp"? >> >> Best regards, >> >> Rene >> >> >> >> >> >> >> > -- WBR Maxim aka solomax
