I am a complete newbie when it comes to implimenting SSL into jboss, so I hope someone can please give me some guidance.
I am busy configuring a SSL cert for a internal site issued by the company CA
Firstly I added the root ca cert to the keystore with the following command: keytool -import -v -noprompt -trustcacerts -alias root -file root-ca.cert -keystore server.keystore then I imported the certificate that the ca had signed for this machine keytool -import -v -alias tomcat -file tmobca.pem -keystore server.keystore
So far so good but now I come to the part that I don't get.
I have read that if I have a certificate from an internal CA then it needs to be in the PKCS12 format but I why can I then import the cert signed by the internal CA with the command above? if I do keytool -list -v -keystore server.keystore it says Keystore type: JKS in the root certificate section but there is no mention of the keystore type in the cert signed by the CA so when I open up the server.xml file and I change the section keystoreType="" to keystoreType="JKS" and I set the keyAlias to the profile name of the signed cert start jboss and it refuses to load but it I use the profile name of the self signed cert jboss starts.
Should I delete the keystore file and import the root cert and the signed cert from the ca? what would be the best way forward?