1. Obtain the Renewal Certificate - The Renewal Cert needs to be based on the same CSR that was used to issue the certificate in the first place. At any time, you can create a new CSR on your system by issuing the following command:
keytool -certreq -keyalg RSA -alias tomcat -file csr.txt -keystore <name/path of your keystore>
To verify that you are using the proper alias, you can run the command:
keytool -list -keystore <name/path of your keystore>
The alias will be on the far left of the "PrivateKeeyEntry". In this case the alias is listed as tomcat.
2. Installing the New Certificate - The process of adding the renewal certificate to the keystore is very easy. You can use the following command :
keytool -import -trustcacerts -alias tomcat -file <name/path of your renewal certificate> -keystore <name/path of your keystore>
You should see a message saying
After restarting your iDashboards service, your new certificate will be ready for use.
3. keytool error: java.lang.Exception: Input not an X.509 certificate
So maybe you did everything just right and you got this error, that is OK! We can easily fix that.
- You can close out of the command prompt.
- Open your File Explorer and go to the following location or similar:
- C:\Program Files\iDashboards_SRV\Server\conf
- Open the server.xml file in text editor of your choice. We often use Notepad because it comes on every Windows OS.
- Find the following lines within the server.xml
<-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -->
- Make sure your keystoreFile="C:/Program Files/iDashboards_SRV/jre/lib/tomcat.keystore" is similar.
- If you changed keystorePass="changeit" when you renewed your SSL certificate then, you will need to change that as well.
- Once those two have been changed you can save the file and close it.
- Now in your File Explorer go to a similar location: C:\Program Files\iDashboards_SRV\jre\lib
- Copy your .pfx file into this folder if it is not already there.
- Restart your Tomcat/iDashboards service.
- Once it has reloaded, your iDashboards will be utilizing SSL.
For More Information:
- Apache Tomcat 8 SSL
- Apache Tomcat 9 SSL
- Tomcat: Server SSL Certificate Installation
- Tomcat: SSL Implementation
If the above is unable to resolve the issue, then please contact iDashboards Support for further assistance.
Please sign in to leave a comment.