...
The key concept of the chain is that you must import all certs in the chain in order from top to bottom. You also should provide a unique alias per cert. This will allow you to update specific certs in the chain when they expire. Using the example of the Entrust CA we would need to import as follows.
| Code Block | ||
|---|---|---|
| ||
keytool -import -alias entrust-2048-root -keystore mywebservices.bin -trustcacerts -file <filename_of_the_chain_certificate>
Certificate was added to keystore # This is the expected response
keytool -import -alias entrust-L1B -keystore mywebservices.bin -trustcacerts -file <filename_of_the_chain_certificate>
Certificate was added to keystore |
Take a look inside your keystore and you should see the newly added certs with their unique alias.
| Warning |
|---|
This article is in process of being migrated from the old wiki. |