0

I tested the solution which given there:
In relation with the topic, How to add a SSL connector for apache karaf?

but I would want to use a certification authority CA. For that purpose, I generated a CSR from the Keystore generated with a command like :

keytool -certreq -alias MyAlias -file MyCSR.csr -keystore Serverkeystore.jks

then I got back a CRT signed by our CA, but I do not know how to use it and where to declare it.
Would know how to declare it in the file CFG Pax Web? or if I just have to insert it into the store of key Serverkeystore.jks ?

(I am in Karaf V4.0.3)

Vadim Kotov
  • 8,084
  • 8
  • 48
  • 62
Francois H.
  • 1
  • 1
  • You need to [import](https://www.ibm.com/support/knowledgecenter/en/SSYKE2_8.0.0/com.ibm.java.security.component.80.doc/security-component/keytoolDocs/ex_importcertreply.html) the signed certificate that your CA sent you into the server keystore. – Ralf Sep 11 '17 at 09:06
  • Hi, Thank you for the information, I began to suspect it by noticing that there was no parameter to point directly this certificate in the configuration org.ops4j.pax.web.cfg It is going to stay in the keystore, the private key which allowed me to make the CSR, and the signed key CRT ? Think you that it is necessary to load also the certificate that there which signs the CRT? – Francois H. Sep 12 '17 at 12:58
  • To be more clear, I spoke about the certificate RootCA that which chains the signed CRT – Francois H. Sep 13 '17 at 09:33

0 Answers0