We are running Confluence 4.3.7 with SSL on debian.
We are having trouble importing our new wildcard certificate using the provided tutorial here:
https://confluence.atlassian.com/display/DOC/Running+Confluence+Over+SSL+or+HTTPS
Have also tried the tutorial directly from digicert:
http://www.digicert.com/ssl-certificate-installation-tomcat.htm
The csr was not generated on the confluence box
Using both tutorials ends with "keytool error: java.lang.Exception: Input not an X.509 certificate"
That didn't solve the problem either but I decided to go back and read over the errors I have recieved over the last day working on this and with some help from online articles then problem was my keystore password was different then my certificate password. SO I deleted the keystore, remade it with my cert password and everything imported and is now working.
keytool -importkeystore -deststorepass 123456 -destkeypass 123456 -destkeystore /root/.keystore -destalias server -srckeystore star.domain.com.pfx -srcstoretype PKCS12 -srcstorepass 123456
I can download multiple bundles for the certificates from digitcert I have tried importing a p7b bundle of all certs with a .cer extension unsuccessfully as well.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
hey charles...
how was the cert file created?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
the csr was generated using the OpenSSL CSR Tool on the digicert site.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
keytool -importcerts -alias server -file star_domain_com.p7b -keystore <keystore_name>
"keytool error: java.lang.Exception: Input not an X.509 certificate"
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
ok.
please run this on your box
openssl pkcs7 -chain -print_certs -in star_domain_com.p7b -out star_domain_com.cer
afterwards try importing the cer file.
let me know how it goes
please note: i am not 100% if this will work for you...but i remember not facing any issues using .cer or .crt files...so lets try converting this. don't worry your .p7b still be there.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
ok i found another way...lets stick with the p7b
keytool -import -trustcacerts -alias server -filestar_domain_com.p7b
-keystore <keystore_name>
can you try thisone please?
ps: use comment
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
maybe this solution will work for you
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
keytool -importcert -alias server -file star_domain.com.cer -keystore <keystore_name>
Enter keystore password:********
keytool error: java.lang.Exception: Input not an X.509 certificate
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.