Smart Tech for a better Web
I usually buy Comodo Certificates from PSW.net. It was always a pain to get it running because the information found on Comodos website are extremely outdated. So painful it is, their certificates are pretty cheap. That said this is probably the last time I’ll use them because it took me way too much time. If you are in pain to, here is some help.
First, if you are looking for UTNAddTrustServerCA.crt which is described here, I have some news for you. Almost hidden, I found the new necessary hierarchy. It shows clearly that this file is not longer necessary, even when stated on Comodos websites. Once you know that, everything is much more easier.
Let’s start. Create a new certification request (CSR).
Order a new certificate from PSW and wait until you receive it. You need to authenticate the first time.
Download AddTrustExternalRoot and PositiveSSL CA2 from Comodos website. (The URL is not longer working). From PSW you’ll get another Zip-File with your certificate. Put them all into one directory and create a cert chain.
For jetty and Java keystore you’ll need to create a pcks12 file. It’s done like that:
Upload this magic to your server (using SSH of course) and import it to your keystore.
Now that this is done, you just need to tell Jetty to use this keystore. I used this configuration in /etc/jetty.xml.
On restart, your keystore should be used. Don’t forget to create Virtual Host names in your context.
That said, my pain with Comodo clearly has nothing to do with PSW.net. They are a reseller and so far I made great experiences with them. Check them out if you are in need of something SSL related. They work international to my knowledge.