开发者

Import certificate to Apache tomcat: Failed to establish chain from reply

After I got certificate, I tried to import it as specified here: http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html#Edit%20the%20Tomcat%20Configuration%20File

But I got this error:

C:\Program Files (x86)\Java\jre6\bin>keytool -import -alias tomcat -keystore C:\ SSL\.keystore -file C:\SSL\SSL_Internal_Certificate_for_isdc-planning.cer   
Enter keystore password:   
keytool error: java.lang.Exception: Failed to establish chain from reply

I need to import first chain certificate, by apache document Import the Chain Certificate into you keystore

keytool -import -alias root -keys开发者_如何学JAVAtore <your_keystore_filename> \  
                -trustcacerts -file <filename_of_the_chain_certificate>

When I printed the certificate it's issuer is:

Issuer: CN=Intranet Basic Issuing CA 2B

I downloaded the chain certificates:

  • Intranet Basic Issuing CA 1A(1).crt
  • Intranet Basic Issuing CA 1A(2).crt
  • Intranet Basic Issuing CA 1A.crt
  • Intranet Basic Issuing CA 1B(1).crt
  • Intranet Basic Issuing CA 1B(2).crt
  • Intranet Basic Issuing CA 1B.crt
  • Intranet Basic Issuing CA 2A(1).crt
  • Intranet Basic Issuing CA 2A.crt
  • Intranet Basic Issuing CA 2B(1).crt
  • Intranet Basic Issuing CA 2B.crt
  • Intranet Basic Policy CA(1).crt
  • Intranet Basic Policy CA.crt
  • Root CA.crt

Issuer of Intranet Basic Issuing CA 2B.crt is Intranet Basic Policy CA and its Issuer is:Root CA certificate But I can't import 3 certificates into root alias.

And imported "Intranet Basic Issuing CA 2B.crt" into root and then rerun import of tomcat alias But got the same error:

keytool error: java.lang.Exception: Failed to establish chain from reply

What is correct way to import correct chain certificate?

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜