Hi Daniel, Thank you very much for stepping in, I’m processing a new set of certificates that I hope to try tomorrow.
Warm regards, -Conor On Tue, May 31, 2016 at 8:41 AM, Daniel Mikusa <dmik...@pivotal.io> wrote: > On Mon, May 30, 2016 at 11:26 PM, Conor Skyler <conorsky...@gmail.com> > wrote: > > > Hello list, > > > > I'm trying to install the certificates I bought from GoDaddy into my > Tomcat > > server, however so far I've been unsuccessful to achieve this. > > > > My system specs are: > > OS: Amazon Linux (fully updated) > > Tomcat version: 8.0.32, installed from the repos > > Java version: $ java -version > > openjdk version "1.8.0_91" > > OpenJDK Runtime Environment (build 1.8.0_91-b14) > > OpenJDK 64-Bit Server VM (build 25.91-b14, mixed mode) > > > > To install the certificates I followed this tutorial from GoDaddy > website: > > > > > https://ar.godaddy.com/help/tomcat-generate-csrs-and-install-certificates-5239 > > which explains how to create a KeyStore and configure the <Connector> in > > the server.xml file. > > > > Follow these instructions. > > > > > > Now, judging from the official Tomcat documentation in > > https://tomcat.apache.org/tomcat-8.0-doc/ssl-howto.html it's stated > that I > > first need to conver the .crt files provided by GoDaddy to PKCS12 format > -- > > I wonder then why the instructions in GoDaddy's website state other > thing! > > > > There's more than one way to do this. If you started out by following the > GoDaddy instructions to generate your CSR, then continue to follow them to > import your signed certificate. > > > > > > But then I read this piece of documentation that left me completely > > bewildered: > > To import an existing certificate signed by your own CA into a PKCS12 > > keystore using OpenSSL you would execute a command like: > > > > openssl pkcs12 -export -in mycert.crt -inkey mykey.key > > -out mycert.p12 -name tomcat -CAfile myCA.crt > > -caname root -chain > > > > In this example there's a reference to a 'mykey.key' file that I don't > > have a clue how to obtain it or from where it comes since when I > > download the certificates provided by GoDaddy, there's no such .key > > file: I can download several different types of certificates in .crt > > format but there isn't any .key file to download. > > > > This has to do with the way that you generated the CSR. The GoDaddy > instructions have you using keytool and a keystore. In this case, your > private key will exist in the keystore, so you won't have a .key file and > that's OK. > > > > > > I tried contacting their support and well, they weren't any helpful at > > all, they pointed me to the repository where all the certificates are > > stored and told me to 'find someone that knows how to handle them' -- > > thanks for nothing :( > > > > Finally I want to say that I have Tomcat running smooth at port 8080, > > I even configured an administrator user to access the status page > > which works perfectly, my problem is that I just can't find how to > > properly install and configure the SSL. > > > > Follow the GoDaddy instructions. They should work. If you get stuck on a > specific step, let us know. > > Dan > > > > > > What I'm not sure though is what part or steps I'm missing, I believe > > this has to be much more simpler that it's been so far for me but > > seriously I can't wrap my mind around it. > > > > Thank you very much for taking the time to read this n00b's help scream. > > > > Best regards, > > -Conor > > >
