Hi I am a brand new Comodo want-a-be customer and I need to make sure that your stuff works before I buy what I need. Currently I have two types of servers that need ssl certificates
1. Apache mod-ssl - No problem it works great
2. JBOSS (j2ee application server) - I have issues here
I used the following references to secure my certificate for JBOSSA. Create Certificate Requesthttps://support.comodo.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=244&nav=0,1,33 B. Install Certificate http://www.instantssl.com/ssl-certificate-support/cert_installation/ssl-certificate-java.html
A little background JBOSS is a java based application and uses keytool to generate csrs and store it stores all the certificate stuff in a keystore file. The keystore is referenced in an xml configuration file called server.xml. The default port for jboss ssl is 8443. When Generating the cerificate I used the only java option in the drop down box for certificate type.
To create the private key and certificates I ran the following commands:
>keytool -genkey -keyalg RSA -keystore jboss.dev1.com.key -validity 360
>keytool -certreq -keyalg RSA -file dev1.com.csr -keystore jboss.dev1.com.key
I used the contents of the .csr file to create my java based certificate, which is delivered in a zip file which was problem number 1.
Problem 1. -the zip file contains 5 certificates, not 3 like the directions imply these files are:AddTrustExternalCARoot.crt
So for lack of better direction I did the following Installation steps:
> keytool -import -trustcacerts -alias root -file AddTrustExternalCARoot.crt -keystore jboss.dev1.com.key
> keytool -import -trustcacerts -alias INTER -file EssentialSSLCA.crt -keystore jboss.dev1.com.key
> keytool -import -trustcacerts -alias dev1 -file dev1_com.crt -keystore jboss.dev1.com.key
Guessing that EssentialSSLCA.crt was the INTERmediate certificateIs this correct or should I somehow be adding these other certificates to the keystore?
2. Problem 2
When I use this certificate and attempt to access the jboss server via https://dev1.com:8443
The browser sqwaks that it is expecting server dev1.com but getting dev1.com:8443.
I tried creating a certificate for dev1.com:8443 but the comodo certificate generator did not like this.Can some give me a hint on what I am doing wrong?