What I need:
I have an existing SSL certificate installed on IIS 6. On the same machine, I have GlassFish installed and would like to share the same certificate since they both share the same hostname, and they use different ports: IIS uses 443 and GlassFish uses 8181.
Why I need it:
Reuse existing SSL certs from IIS to GlassFish. I imagine that this is possible. I am able to install an SSL cert into GlassFish's keystore, and then import the same exact cert into IIS. I just want to go the other way – imagine having an SSL cert on IIS being used for months, and now I want to enable SSL on GlassFish.
What I have done:
- Created a keystore with an alias:
server.hostname.com - Imported
intermediate CA certs associated with
the existing SSL Cert - Imported the
existing SSL cert with the same
alias: server.hostname.com, but the
keytool won’t allow this, as it is
not associated: keytool error:
java.lang.Exception: Public keys in
reply and keystore don't match Why?
Using a different alias causes the
cert to not be trusted in the CA
chain.
Best Answer
did you export the certificate from your servers certificate store? only there is the private key to the certificate issued by the ca. you need to start an mmc add the certificate snap-in for the computeraccount. go to "personal" certificate and export it there. For windows 2003 i found an article at ms http://technet.microsoft.com/en-us/library/cc737187%28WS.10%29.aspx