Ping a Specific Port

Question

Jasmine

Asked: 2017-04-24 22:05:20 +0800 CST2017-04-24 22:05:20 +0800 CST 2017-04-24 22:05:20 +0800 CST

openssl and keytool conflict in PEM

772

I have created a self-signed certificate in nginx server in ubuntu as below:

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt

Coverted crt to pem using open ssl:

openssl x509 -in nginx-selfsigned.crt -out nginx-selfsigned.pem -outform PEM

When I import this certificate using keytool in debian, the import process is successful:

sudo keytool -importcert -keystore /certs -storepass changeit -file nginx-selfsigned.pem -alias some alias

But after that, the certificate isn't trusted. Why the importing certificate isn't trusted?

Any suggestion about this issue would be appreciated.

1 Answers

Voted

Cory Knutson · Answer 1 · 2017-04-29T09:53:20+08:00

Best Answer

Cory Knutson

2017-04-29T09:53:20+08:002017-04-29T09:53:20+08:00

If you want the self signed certificate to be trusted, it must be in the "Trusted CAs" certificate store on each client that is connecting. Depending on your browser, you should be able to view the cert and see why it doesn't trust it also (e.g. not yet valid, expired, name mismatch, not from trusted CA, etc.)

1

openssl and keytool conflict in PEM

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?