I’m getting quite frustrated trying to setup https access to our bitbucket server.
Following bitbuckets documentation isn’t that helpful.
So far I have the executed the following commands
Firtly, I created a certificate signing request and sent that to my certificate provider and they have sent me a certificate.
openssl req -new -newkey rsa:2048 -nodes -keyout domain.key -out domain.csr
At this point I have 3 files, domain.key, domain.csr and a ssl certificate provided to mey, domain.cer
I then tried to create a keystore with the following command
keytool -genkey -alias tomcat -keyalg RSA -keystore ssl-keystore
I was prompted for a keystore password and I provided one.
I then tried to import the certificate provided to me.
keytool -import -alias tomcat -file domain.cer -keystore ssl-keystore
and got the following error.
keytool error: java.lang.Exception: Public keys in reply and keystore don't match
I’m a complete ssl newbie and am relying on following website instructions and am at a loss now what to do.
Answer
Assuming you have 2 files below domain.key
and domain.cer
(private key and signed certificate) you can change tho format to pkcs12
like this
openssl pkcs12 -export -in domain.cer -inkey domain.key -name domain -out domain.p12
and then import in jkl
with
keytool -importkeystore -deststorepass changeme1 -destkeystore domain.jks -srcstorepass changeme2 -srckeystore domain.p12 -srcstoretype pkcs12
where changeme1
is the new keystore password and changeme2
is the password specified during the export (first step)
now you can use domain.jks
Attribution
Source : Link , Question Author : ScaryAardvark , Answer Author : vx3r