We are trying to setup our stat web application to use (https) SSL, rather than http. We are getting an error with our certificate when trying to access the web page:
There is a problem with this website's security certificate
Using different alias name for importing certificate as the one used in generating self-signed certificate and CSR file.
HTTPS requires an SSL Certificate. When you generate an SSL Certificate, you are creating a keystore file and a keystore password for use when the browser interface connects to the Master Server.
You can choose whether to have a Certifying Authority sign the certificate or you can use a self-signed certificate. A certificate signed by a Certifying Authority is trusted by browsers, therefore the browser does not issue a warning when a user connects to the browser interface on the Master Server. Generally, Certifying Authorities charge a fee to sign a certificate. A self-signed certificate is available for use immediately after you generate the certificate because you do not have to wait for the Certifying Authority to sign it. However, a self-signed certificate is not trusted by the browser, so the browser issues a warning each time a user connects to the Master Server.
1. This is an expected warning/error if you are using self-signed certificate. For more information, go to : http://jgeeks.blogspot.com/2009/08/ssl-on-tomcat-jboss-and-command-line.html
2. If your certificate come from an authorized vendor then make sure that the same alias name for importing certificate as the one used in generating self-signed certificate and CSR file. This is an example from VeriSign SSL certificate:
keytool -genkey -alias sam -keyalg RSA -keystore sss.jks
keytool -certreq -keyalg RSA -alias sam -file certreq.csr -keystore sss.jks
keytool -import -alias root -keystore sss.jks -file rootCA.cer
keytool -import -trustcacerts -alias inter -keystore sss.jks -file interCA.cer
keytool -import -trustcacerts -alias sam -keystore sss.jks –file cert.cer
