Installing SSL certificates on Tomcat in AWS Linux Infrastructure
could use a little help. I’m a junior sys admin, I was thrusted into a devops / sys admin role in a 100 person business when our devops guy quit with a weeks notice. Our internal company.org sites are down because our go daddy ssl certs expired. I’m frantically trying to restore everything and having a bit of trouble understanding the process everything is requiring here. We have an AWS infrastructure, couple DNS servers, tomcat, apache servers, etc. What I do know is that these renewed cert files from go daddy need to be imported into tomcat, then tomcat needs to be restarted. Servers are AWS linux. I think how this all goes down is I take the 3 .crt files from godaddy, cat them into a .pem file, then using openssl export that and our private key to a p12(I’m sure it’s p12), then using keytool import that into tomcat. Then restart tomcat. This is where I’m at.
I had to upload a picture of the command because I'm getting errors when pasting it here. Maybe some code reading conflict? Picture is attached
where company.pem is all the godaddy certs merged using cat. I found the private key using find.
Researching is giving me some conflicting information, so I must not be understanding something thats assumed I know. I think maybe I must have to somehow export the private key into the .pem file by first decrypting it? I’m not even sure that’s the road I should take. Maybe I’m way off. Any sort of insight would be greatly appreciated. Thank you all.
If you're still trying to workout your SSL installation with the new certificate files that have been renewed, I'm afraid we don't have any specific documentation for AWS. However we do have instructions for Tomcat as well as few other commonly used servers listed here. Hopefully this helps.
Beyond that, perhaps another member familiar with AWS and SSL installations could offer some more insight. Keep us posted if you manage to get this worked out on your own.
CG - GoDaddy | Community Moderator 24/7 support available at x.co/247support