I am trying to import a signed certificate so that SPS can communicate with https on the backend server and I am receiving a "Failed to load keystore" error in the server.log. (see attachment)
I am assuming that one error is preventing me from using https.
Any ideas on what could be wrong or step that I may have missed to complete the SSL process for the keystore to be loaded properly?
I have performed the following steps...
1. Create the Cert Request
cd <install-dir>\SSL
..\bin\openssl req -out client2-CSR.csr -new -newkey rsa:2048 -nodes -keyout client2-privateKey.key -config ..\bin\openssl.cnf
2. Sign the Request
CSR was signed by CA
Convert cert to DER encoding
..\bin\openssl x509 –in client2-Cert_x509.pem -out client2-Cert_x509.cer -outform der
3. Convert private key to encrypted pkcs#8 DER encoding
..\bin\openssl.exe pkcs8 -in client2-privateKey.key -topk8 -v2 des3 -out client2-privateKey-DER.key -outform DER
4. Put files in right location:
Place DER encoded client cert in : <install-dir>\SSL\clientcert\certs\
client-Cert_x509.cer
Place encrypted DER encoded private key in : <install-dir>\SSL\clientcert\key\
client2-privateKey-DER.key
5. Generate Encrypted Password for server.conf file:
cd <install-dir>\SSL\bin
EncryptUtil.sh password
…
Encrypted string: U2FsdGVkX18VcMWDmBEJG7CL2edypl03V6Ig1F3gON4=
6. Modify the server.conf file :
ClientKeyFile="client2-privateKey-DER.key"
ClientPassPhrase=U2FsdGVkX1+wxoEp8DCUZ6/pcaHpitr6v88GproScgQ=
7. Restart SPS and check the server.log file: