Adding certificate to a java keystore


#1

I have been trying to follow the tomcat example that was posted early in Jan but the client seems to have generated me a different set of files so I’m unable to run the following cmd

openssl pkcs12 -export -in $certdir/fullchain.pem -inkey $certdir/privkey.pem -out $certdir/cert_and_key.p12 -name tomcat -CAfile $certdir/chain.pem -caname root -password pass:aaa

I executed the following
./letsencrypt-auto certonly -d ghvh01.coa.local

and it produced the following files in .etc/letsencrypt

[root@GHVH01 letsencrypt]# ls -l *
accounts:
total 8
drwx------ 3 root root 4096 Jan 28 10:50 acme-staging.api.letsencrypt.org
drwx------ 3 root root 4096 Jan 28 10:53 acme-v01.api.letsencrypt.org

csr:
total 8
-rw-r–r-- 1 root root 960 Jan 28 10:50 0000_csr-letsencrypt.pem

keys:
total 8
-rw------- 1 root root 1704 Jan 28 10:50 0000_key-letsencrypt.pem

The openssl cmd seems to need 3 pem files

Once I have created the keystore I intend to set up a test environment that uses Wildfly 8.2 as the web server


#2

Is there anything in the “live” folder? Based on the directory listing, you don’t have any certificates yet.


#3

I don’t think Let’s Encrypt has issued you a certificate at all. The domain .local is a reserved domain and Let’s Encrypt is not able to issue certificates for names within it because they don’t have global scope.


#4

Thanks for the reply’s, the problem here is that I have not been issued a certificate because I was trying to setup a local server for internal testing and not a public internet site.