Hi all,
I'm trying to get an ssl certificate from godaddy working with my jetty instance, following the instructions here:
I'm going the keytool route, so this is what I'm doing:
1. keytool -keystore keystore -alias jetty -genkey -keyalg RSA
2. keytool -certreq -alias jetty -keystore keystore -file jetty.csr
3. I send jetty.csr to godaddy, I get back:
gd_bundle-g2-g1.crt
randomhash.crt
4. keytool -keystore keystore -import -alias godaddy -file randomhash.crt -trustcacerts
And I get prompted to trust the cert, I do, and all seems well. I give the cert to a jetty instance, but the browser still stays the cert is not trusted.
I did this for another domain a year ago with godaddy and it worked ok, though I got two different files back from godaddy back then:
gd_bundle.crt
mydomain.com.crt
and I had to take an extra step of importing the godaddy cert into my keystore as well (this wasn't spelled out in the jetty docs, I think I had to google around for it), something like:
4. keytool -import -trustcacerts -alias godaddy -keystore keystore -file gd_bundle.crt
5. keytool -import -trustcacerts -alias jetty -keystore keystore -file randomhash.crt
but the last step today now produces an error from keytool:
keytool error: java.lang.Exception: Failed to establish chain from reply
Any ideas would be really welcome, I'm waiting for a response from godaddy but figured maybe someone else ran into this here.
Thanks