Environment
NetWare 6.5 SP8
Virtual Office
Virtual Office
Situation
When accessing Virtual Office user receives a blank page.
New 3rd party Certificate added to Apache configuration
New 3rd party Certificate added to Apache configuration
Resolution
Tomcat needs to trust the Certificate of Authority for the new
certificate.
By default tomcat will use the sys:\adminsrv\conf\.keystore file to read in the trusted CA's for VO
Use keytool to import the new certificate into the keystore.
Netware 6.5 contains the keytool command. However it's been noted that there have been occasional failures importing Certs with keytool returning an "invalid object" error message.
If that is the case you can copy the keystore to a workstation or Linux server and use the keystore command from there. Then copy it back to the NetWare server.
Method:
By default tomcat will use the sys:\adminsrv\conf\.keystore file to read in the trusted CA's for VO
Use keytool to import the new certificate into the keystore.
Netware 6.5 contains the keytool command. However it's been noted that there have been occasional failures importing Certs with keytool returning an "invalid object" error message.
If that is the case you can copy the keystore to a workstation or Linux server and use the keystore command from there. Then copy it back to the NetWare server.
Method:
- Obtain current list of certs in the keystore and note the "alias" names used
- keytool -list -keystore <path to .keystore file> -storepass apache
- Get an export of the cert from the tree and save it as a .der file
- See KB 7002343 option 1 for how to get an export of the Certificate
- Backup current .keystore file
- Stop Tomcat and Apache
- ap2webdn
- admsrvdn
- tcadmdn
- tc4stop
- Run the keytool to import the certificate into the keystore
- keytool -import -alias <unique alias name> -file <the exported certificate> -keystore <path to .keystore file> -storepass apache
- Restart Services
- ap2webup
- admsrvup
- tcadmup
- tomcat4