Problem When replacing the certificates on a vCloud Director 9.5 installation, I ran the configure command and the following error occurred. cryptographic error: trusted certificate entries are not password-protected keytool Troubleshooting Upon investigation of the keystore file it appeared that the entry type was trustedCertEntry keytool -storetype JCEKS -list -v -keystore certs.ks <snip> Alias name: http Read More…
Category: SSL
How Does SSL Work?
Below is a very simple overview of how SSL works in an asymmetric browser to web server scenario. 1. The client browser (eg Internet Explorer, Google Chrome, Safari etc) requests a secure HTTPS page by typing in https://www.domainname.com . 2. The web server responds by sending SSL certificate and public key. Read More…
DPI-SSL and SSL v3.0 on Sonicwall
Scenario. I have a bespoke webserver behind a Sonicwall NSA 4500 (in HA mode) running DPI-SSL. I upgraded the webserver. This all went to plan but I couldn't access the server either via the VPN or externally. We performed some packet traces and noticed that SSL v3.0 seemed to be initiated when connecting via the VPN or externally but Read More…
Importing Existing Wildcard Certificate into vCloud Director Keystore
Scenario: I wanted to import a RapidSSL certificate I had originally bought for a UNIX/Apache into vCloud Director 5.x Here are the steps for getting an X509 certificate into a JCEKS keystore. 1) First of all we have to convert the crt and private key into a .p12 format. As vCloud director requires both Read More…
Create a PKCS#12 (.p12) file using OpenSSL
Scenario: I wanted to create PKCS12 file to import into a Sonicwall Firewall (FW 5.9.0.4) You'll need. – Certificate from CA (my.crt) – Private key (my.key) – CA Bundle (myCA.crt) – The password for the private key From a UNIX based server pop all of the required files into a specific directory. # openssl pkcs12 Read More…
You must be logged in to post a comment.