当前位置: 动力学知识库 > 问答 > 编程问答 >

java - Setting up two-way ssl with Certificate authority

问题描述:

I've set up a jetty (9.2.0.M1) hosted application.

I've configured jetty to run a two-way SSL with the following setup:

 server.keystore - contains server private key and is self signed.

server.truststore - contains clients certs that should be trusted.

This is working and when I hit https://127.0.0.1 in my browser where I have a valid certificate it works.

I'm now trying to do this without my own signed certificate. To do this I set up a DNS (lets say exampleDNS.com and created a certificate sign request server.csr that I sent to the CA-vendor.

I've got a mail back with the certificate to use and I included that into the server.keystore.

However: when I now hit https://exampleDNS.com the server still present the self signed certificate instead of validating it by the CA.

I'm probably missing something here but I can't really understand what I'm doing wrong.

Do I need to include root certificate of the specific CA-vendor into keystore/truststore?

网友答案:

If I were you I would try to repeat process one more time. And make sure you import Root cert first, Intermediate second and trial last. And last one should have the same alias as you used when created private key. I probably can't suggest anything else, sorry.

分享给朋友:
您可能感兴趣的文章:
随机阅读: