Import certificate to Apache tomcat: Failed to establish chain from reply
After I got certificate, I tried to import it as specified here: http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html#Edit%20the%20Tomcat%20Configuration%20File
But I got this error:
C:\Program Files (x86)\Java\jre6\bin>keytool -import -alias tomcat -keystore C:\ SSL\.keystore -file C:\SSL\SSL_Internal_Certificate_for_isdc-planning.cer
Enter keystore password:
keytool error: java.lang.Exception: Failed to establish chain from reply
I need to import first chain certificate, by apache document Import the Chain Certificate into you keystore
keytool -import -alias root -keys开发者_如何学JAVAtore <your_keystore_filename> \
-trustcacerts -file <filename_of_the_chain_certificate>
When I printed the certificate it's issuer is:
Issuer: CN=Intranet Basic Issuing CA 2B
I downloaded the chain certificates:
- Intranet Basic Issuing CA 1A(1).crt
- Intranet Basic Issuing CA 1A(2).crt
- Intranet Basic Issuing CA 1A.crt
- Intranet Basic Issuing CA 1B(1).crt
- Intranet Basic Issuing CA 1B(2).crt
- Intranet Basic Issuing CA 1B.crt
- Intranet Basic Issuing CA 2A(1).crt
- Intranet Basic Issuing CA 2A.crt
- Intranet Basic Issuing CA 2B(1).crt
- Intranet Basic Issuing CA 2B.crt
- Intranet Basic Policy CA(1).crt
- Intranet Basic Policy CA.crt
- Root CA.crt
Issuer of Intranet Basic Issuing CA 2B.crt is Intranet Basic Policy CA and its Issuer is:Root CA certificate But I can't import 3 certificates into root alias.
And imported "Intranet Basic Issuing CA 2B.crt" into root and then rerun import of tomcat alias But got the same error:
keytool error: java.lang.Exception: Failed to establish chain from reply
What is correct way to import correct chain certificate?
精彩评论