I'm experiencing difficulties getting JBoss/Tomcat to present the trust chain to the client.
The server certificate is signed by an intermediate CA and the intermediate CA has a certificate signed by the root CA.
I imported these certificates into the keystore using keytool. A keytool -list shows these. However, after reviewing a number of tutorials and HOWTOs on the net, it still remains unclear what alias one has to specify. The certificate of the website has the alias tomcat that is also used in the JBoss configuration.
The tutorials suggest numerous alias -- but not the same as the alias of the site cert -- values for the certificates.