1 Reply Latest reply on Aug 28, 2015 3:46 AM by Christian Castelli

    Wildfly 8.2: importing wildcard certificate, intermediate certificate missing

    Christian Castelli Newbie

      Hi folks,

      I've followed this thread for importing my GeoTrust Wildcard certificate for my company domain (*.company.com). These are all the steps I've made so far:

      keytool -genkeypair -alias company -keyalg RSA -keysize 2048 -validity 7360 -keystore cdn.keystore -keypass pass -storepass pass
      keytool -import -v -trustcacerts -storepass pass -alias primaryca -keystore cdn.keystore -file public.pem
      openssl pkcs12 -export -in public.pem -inkey private.pem -CAfile ca.pem -name company -out keystore.p12
      keytool -importkeystore -deststorepass pass -destkeypass pass -destkeystore cdn.keystore -srckeystore keystore.p12 -srcstoretype PKCS12


      The third passage asks me to overwrite the company entry inserted in the first passage: if I say no, the browser doesn't recognize the GeoTrust certificate and it treats it like a normal self-signed certificate. If I say yes, all seems to work properly, but if I check my installation with GeoTrust CryptoReport (or another site) it tells me it is missing the intermediate key and it's not trusted.

      If I open the site with Chrome or Firefox I don't receive any security warning, but I'm concerned that the previous error could lead to incompatibilities with Microsoft ADFS (I use Spring Security SAML).

      Any ideas?
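
      An added example, not part of the original post: it builds a constructed throwaway chain (root, intermediate, leaf) and counts the certificates that end up in the PKCS#12 file when it is exported as in the third command above, and again with openssl's -chain option. The CA names, the ca.cnf file, the keystore-chain.p12 name and the count_p12_certs helper are assumptions made for the demo; file names public.pem, private.pem, ca.pem and the password follow the post.

```shell
#!/bin/sh
# Constructed demo PKI; nothing here touches a real keystore.
set -e
d=$(mktemp -d)

# Minimal config so the result does not depend on the system openssl.cnf.
cat > "$d/ca.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
[dn]
[v3_ca]
basicConstraints = critical,CA:TRUE
EOF

# new_csr KEYFILE CSRFILE SUBJECT: fresh RSA key plus signing request
new_csr() {
  openssl req -new -newkey rsa:2048 -nodes -config "$d/ca.cnf" \
    -subj "$3" -keyout "$1" -out "$2" 2>/dev/null
}

# Root CA (self-signed), intermediate CA (signed by root), wildcard leaf.
openssl req -x509 -newkey rsa:2048 -nodes -days 2 -config "$d/ca.cnf" \
  -subj "/CN=Constructed Root CA" -keyout "$d/root.key" -out "$d/root.pem" 2>/dev/null
new_csr "$d/int.key" "$d/int.csr" "/CN=Constructed Intermediate CA"
openssl x509 -req -in "$d/int.csr" -CA "$d/root.pem" -CAkey "$d/root.key" \
  -CAcreateserial -days 2 -extfile "$d/ca.cnf" -extensions v3_ca \
  -out "$d/int.pem" 2>/dev/null
new_csr "$d/private.pem" "$d/leaf.csr" "/CN=*.company.example"
openssl x509 -req -in "$d/leaf.csr" -CA "$d/int.pem" -CAkey "$d/int.key" \
  -CAcreateserial -days 2 -out "$d/public.pem" 2>/dev/null
cat "$d/int.pem" "$d/root.pem" > "$d/ca.pem"

# Export as in the post: -CAfile alone does not add the CA certificates.
openssl pkcs12 -export -in "$d/public.pem" -inkey "$d/private.pem" \
  -CAfile "$d/ca.pem" -name company -passout pass:pass -out "$d/keystore.p12"
# Same export with -chain: the chain is built from ca.pem and included.
openssl pkcs12 -export -chain -in "$d/public.pem" -inkey "$d/private.pem" \
  -CAfile "$d/ca.pem" -name company -passout pass:pass -out "$d/keystore-chain.p12"

# count_p12_certs FILE PASSWORD: number of certificates stored in FILE
count_p12_certs() {
  openssl pkcs12 -in "$1" -nokeys -passin "pass:$2" 2>/dev/null |
    grep -c 'BEGIN CERTIFICATE'
}

echo "without -chain: $(count_p12_certs "$d/keystore.p12" pass) certificate(s)"
echo "with -chain:    $(count_p12_certs "$d/keystore-chain.p12" pass) certificate(s)"
```

      After keytool -importkeystore, `keytool -list -v -keystore cdn.keystore -alias company` reports the same figure as "Certificate chain length"; a length of 1 means the server can only send the leaf, which browsers may paper over from cached intermediates while stricter clients and checkers do not.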