Please fill out the fields below so we can help you better.
My domain is: https://www.schej.co.uk, running on an Amazon AWS instance (linux AMI) instance. My application is based on DropWizard 1.0.5, Java 1.8.0_111. FYI - Dropwizard is a package of open source Java components which make up a full stack, with Jetty as the HTTP server.
The application works fine accessed as above on desktop browsers, but android chrome browsers throw the error above. In addition, an android app attempting to connect to exposed webservices fails for the same reason.
To get the certs I ran: certbot-auto certonly -w . -d schej.co.uk -d www.schej.co.uk
This seemed to work fine, delivering cert.pem, chain.pem, fullchain.pem and privkey.pem
I then ran:
openssl pkcs12 -export -in cert.pem -inkey privkey.pem -out cert_and_ket.p12 -name dw -CAfile fullchain.pem -caname root
to create the .p12 file, then
keytool -importkeystore -deststorepass xxxx -destkeypass xxx -destkeystore SchejKeystore.jks -srckeystore cert_and_ket.p12 -srcstoretype PKCS12 -alias dw
to create the PKCS12 keystore, then
keytool -import -trustcacerts -alias root -file fullchain.pem -keystore SchejKeystore.jks
to include the cert chain into the final jks, which I point dropwizard to to access the site over ssl.
Running https://www.digicert.com/help/ for my site seems to confirm the problem. What I I done wrong? Any help would be greatly assisted - and given DropWizard is a a relatively new platform, would greatly assist the commonuty (or thos eof us without certificate experts).
Thanks in advance
Chris