Bought certificate and add it to the manual Certificate Installation: Java Based Web Servers (Tomcat) using keytool - Powered by Kayako Help Desk Software. In the same instructions (Organization Validation (SHA-2) - Powered by Kayako Help Desk Software) download certificate AddTrustExternalCARoot.crt, comodorsaaddtrustca.crt and comodorsaorganizationvalidationsecureserverca.crt. I write the command:
c:\Progra~1\Java\jre6\bin\keytool.exe -import -trustcacerts -alias AddTrustExternalCARoot -file AddTrustExternalCARoot.crt -keystore krd.keystore
c:\Progra~1\Java\jre6\bin\keytool.exe -import -trustcacerts -alias comodorsaaddtrustca -file comodorsaaddtrustca.crt -keystore krd.keystore
c:\Progra~1\Java\jre6\bin\keytool.exe -import -trustcacerts -alias comodorsaorganizationvalidationsecureserverca -file comodorsaorganizationvalidationsecureserverca.crt -keystore krd.keystore
c:\Progra~1\Java\jre6\bin\keytool.exe -import -trustcacerts -alias krd.ru -file krd_ru.crt -keystore krd.keystore
I did not get the message: Certificate reply was installed in keystore. I get the message: Certificate was added to keystore. After installation, I have problems.
The issue I see is that the server is returning this error:
Technical Details kardi.ru uses an invalid security certificate. The certificate is not trusted because it is self-signed. The certificate is only valid for www.kardi.ru (Error code: sec_error_unknown_issuer)
This normally means that when you imported the main certificate for kardi.ru you used a different alias.
Looking at the file you attached I think the alias you used was ‘tomcat’.
So, importing the main certificate again using that alias might resolve the issue.
Make a note of the alias you used when creating the CSR.
When you receive the newly issued certificates import them again and ensure the main site certificate is imported using the alias you made note of earlier.