Hi Chris, All I have is the .p12 and password so it has already gone through the CSR process. How do I import this file into the keystore? On the Windows side, does it need to reside in the Personal Store or Trusted Root Store?
Kelly -----Original Message----- From: Christopher Schultz <ch...@christopherschultz.net> Sent: Monday, August 13, 2018 12:00 PM To: solr-user@lucene.apache.org Subject: Re: Add Wildcard Certificate to Java Keystore Kelly, On 8/13/18 11:55 AM, Kelly Rusk wrote: > I have imported a Wildcard Certificate to my Java Keystore and it > displays, but when I pull up Internet Explorer and browse to my Solr > site, it fails to load and presents TLS errors. What do you mean "it displays"? How did you import your signed certificate into your keystore? What was in the keystore before you performed the import? > Has anyone run into this, what commands do you run to import a Public > CA into Solr? Generally, you want to generate a key+cert/CSR and send the CSR to a CA. The CA signs it and returns it, typically with one or more intermediate certificates to build a chain of trust between the CA's root cert (present in browser trust stores) and your server's certificate (which was signed by a subordinate certificate, not directly by the CA's root cert). Import them into your keystore in this order: 1. Highest (closest to the root) CA cert 2. [any other intermediate certs from the CA, in order] 3. Your server's cert Most server software needs a bounce to reload the keystore. -chris
