Many users prefer to install a CA signed certificate into the product, in-order to make products more secure.
You will get root certificate, intermediate certificates and the domain certificate from the CA as follows
The what you have to do is import these certificates in following order to the keystore file which the
-certreq were done (wso2carbon.jks).
keytool -importcert -keystore wso2carbon.jks -file AddTrustExternalCARoot.crt -alias somealias1 -trustcacerts
keytool -importcert -keystore wso2carbon.jks -file COMODORSAAddTrustCA.crt -alias somealias2
keytool -importcert -keystore wso2carbon.jks -file COMODORSADomainValidationSecureServerCA.crt -alias somealias3
keytool -importcert -keystore wso2carbon.jks -file demo_site_domain.crt -alias wso2carbon
If the response of the last command should be
Certificate reply was installed in keystore
Certificate was added to keystore
Then copy the wso2carbon.jks to UES_HOME/repository/resources/security and it will replace the existing wso2carbon.jks file.
Then change the
Password and KeyPassword found in following classes with the one you used.
Then restart the server, if it doesn’t complain any password issue then it means, you have successfully configured the new keystore with CA signed certificate.