Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
i have already a cert for apache, and i need the same cert for the tomcat server
I ran this command:
openssl pkcs12 -export -in cert.pem -inkey privkey.pem -out cert_and_key.p12 -name tomcat -CAfile chain.pem -caname root -password pass: xxx
I just did made this configurations, and i get the B- grade. You have right, i seem a misconfiguration of the server.
Sorry by the inconvenient.
I will keep reading about theme.
here its the config, if you see someelse bad in the config, I really appreciate that you can tell me about for i get a better grade.
It looks like you are now getting an A.
Just on a side note, if you want an A+ add the line:
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
to your config. It enables HSTS