JBoss Certificate Issue

We are using JBoss 5.1. We have deplo开发者_JAVA技巧yed a web service and wish to add certificate functionality. We have created a CA and a certificate signed by that CA (we used openssl and the java keytool to create the .keystore file). We imported both the CA and the certificate in the .keystore file and pointed the connector (in server.xml) on that .keystore:

The common name used for the CA is aname.com while the common name for the certificate is hostname. The validity period of the certificate is almost one year while for the CA is a little more.

Trying to access the web service url (https://hostname:8443/path_to_webservice) with Internet Explorer we get the error that our certificate is not issued by a trusted certificate authority.

When we select to view the certificate in the browser, we get a certificate that is issued for hostname, issued by hostname and its validity period is only 3 months. Obviously, the certificate we get from Internet Explorer is very different than the one we created.

How can I solve this issue? Is it a certificate issue or do I need to make some changes in JBoss?

---

Is it a certificate issue or do I need to make some changes in JBoss?

While I'm not able to provide you a precise answer, I'll provide you some guiding questions that may help you solve the problem :-) Are you able to import this certificate (the pem file, which you used to create the keystore file) in a browser? What about the fingerprint, does it looks the same as the one stored in the JBoss? Does this bogus certificate reminds you of any previous attempt?

I'd say that this is most certainly a problem with the certificate itself, as I don't believe JBoss is able to fake your certificate :-)