Security Broken After Creating JKS


#1

I successfully secured my URL on an Amazon Linux server (using instructions from digitalocean and ivoptkov) and it was working fine, without issues.

I needed to make this work for Tomcat, so following the instructions here I created a JKS file. However, before testing the JKS to see if it worked, I removed httpd24 and installed httpd as a binary was missing when following instructions for setting up MOD_JK.

To create the JKS, I copied the pem files from /etc/letsencrypt/archive/domain and ran the following commands:

openssl pkcs12 -export -in fullchain.pem -inkey privkey.pem -out fullchain_and_key.p12 -name tomcat_cloud_client

keytool -importkeystore -deststorepass changeit -destkeypass changeit -destkeystore MyDSKeyStore.jks -srckeystore fullchain_and_key.p12 -srcstoretype PKCS12 -srcstorepass changeit -alias tomcat

keytool -import -trustcacerts -alias root -file chain.pem -keystore MyDSKeyStore.jks

My issue is that my URL is now no longer secure, and I’m not certain if creating the JKS or removing httpd24 is what caused the SSL to break. I tried running the command to renew the cert, but that also said no renewal was attempted.

I’m a little new to this so please bear with me if I’m missing anything.

Thanks


#2

After stopping to rest for an hour… I realized that this was caused by my blatant oversight… the issue was in the configurations.

Please ignore

