API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 4th, 2016
308
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.13 KB | None | 0 0
raw download clone embed print report
  1. openssl pkcs12 -export -in fullchain.pem -inkey privkey.pem -CAfile chain.pem -caname root -out fullchain_and_key.p12 -name tomcat
  2.  
  3. keytool -importkeystore -deststorepass PASS -destkeypass PASS -destkeystore MyDSKeyStore.jks -srckeystore fullchain_and_key.p12 -srcstoretype pkcs12 -srcstorepass PASS -alias tomcat
  4.  
  5. keytool -import -trustcacerts -alias root -file chain.pem -keystore MyDSKeyStore.jks
  6.  
  7. openssl s_client -connect mydomain.de:443
  8. CONNECTED(00000003)
  9. depth=1 CN = Fake LE Intermediate X1
  10. verify error:num=20:unable to get local issuer certificate
  11. ---
  12. Certificate chain
  13. 0 s:/CN=mydomain.de/serialNumber=fa4eff65933b17aa84130eaabf96ce401ae5
  14. i:/CN=Fake LE Intermediate X1
  15. 1 s:/CN=Fake LE Intermediate X1
  16. i:/CN=Fake LE Root X1
  17. ---
  18. Server certificate
  19. -----BEGIN CERTIFICATE-----
  20. RANDOMDATA ending with ==
  21. -----END CERTIFICATE-----
  22. subject=/CN=mydomain.de/serialNumber=fa4eff65933b17aa84130eaabf96ce401ae5
  23. issuer=/CN=Fake LE Intermediate X1
  24. ---
  25. No client certificate CA names sent
  26. Peer signing digest: SHA512
  27. Server Temp Key: ECDH, P-256, 256 bits
  28. ---
  29. SSL handshake has read 3002 bytes and written 441 bytes
  30. ---
  31. New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
  32. Server public key is 2048 bit
  33. Secure Renegotiation IS supported
  34. Compression: NONE
  35. Expansion: NONE
  36. No ALPN negotiated
  37. SSL-Session:
  38. Protocol : TLSv1.2
  39. Cipher : ECDHE-RSA-AES128-GCM-SHA256
  40. Session-ID: 5729C1080CFF1B8662C6F3C007C783E4066D985A23D99BAD85C5A721ACF6C866
  41. Session-ID-ctx:
  42. Master-Key: 3972DBC0072395E1F4C5BE25A23A165DA4AB301DAEDF2753F1FD6FFDBD35BDF8C42B7C6520D3785D425B5D37FE3CD603
  43. Key-Arg : None
  44. PSK identity: None
  45. PSK identity hint: None
  46. SRP username: None
  47. Start Time: 1462354184
  48. Timeout : 300 (sec)
  49. Verify return code: 20 (unable to get local issuer certificate)
  50. ---
  51. read:errno=0
  52.  
  53. <Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" maxThreads="200"
  54. scheme="https" secure="true" clientAuth="false" sslProtocol="TLS"
  55. keystoreFile="/etc/letsencrypt/live/mydomain.de/MyDSKeyStore.jks"
  56. keystorePass="PASS" keyPass="PASS" keyAlias="tomcat"
  57. />
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!