B4J Tutorial How to Install an SSL Certificate in B4J Server (Jetty)

ssl.png


This is a easy way to install SSL Certificate on a VPS with Jetty.

(1) Goto ZeroSSL to create free sll for your domain: https://zerossl.com/

(2) Download your Certificate (includes 3 files: ca_bundle.crt, certificate.crt, private.key)

(3) Download Openssl if you have not yet on your computer. (https://slproweb.com/products/Win32OpenSSL.html)

(4) Joint Certificate, open a new command prompt (C:\Program Files\OpenSSL-Win64\bin).

Run:

B4X: 
openssl pkcs12 -export -in d:\certificate.crt -inkey d:\private.key -out d:\abc.p12

(5) Move to the JDK software where installed on your computer (ex: C:\Program Files\Java\jdk1.8.0_333\bin)

Run:

B4X: 
keytool -importkeystore -srckeystore d:\abc.p12 -srcstoretype PKCS12 -destkeystore d:\abc.jks -deststoretype JKS

(6) Copy abc.jks on to Object folder

ssl.png
 
Last edited:
Click to expand...
aminoacid

aminoacid

Active Member
Licensed User
Longtime User
If you are using the "Lets Encrypt" free certificates, the above procedure to create the keystore is the same except in the openssl command replace the two file names as follows:


B4X: 
openssl pkcs12 -export -in d:\fullchain.pem -inkey d:\privkey.pem -out d:\abc.p12


You may also have to include in the openssl command above:

-passout pass:12345678

and in the keytool command:

-srcstorepass 12345678 -deststorepass 12345678

to correspond to the passwords specified in the ConfigureSSl sub.


[edit 11/22/2023]
If you are using Ionos wildcard starter certificates (or I would think any other Ionos Cert):

1. Download the private Key and two Certificate files (renamed for this example): private.key, ssl_certificate.cer, ssl_certificate_intermediate.cer

2. Create the certificate chain file by concatenating the two cer files - make sure that the ssl_certificate file is first.

cat certificate.cer certificate_intmediate.cer > certificate_bundle.cer

3. Generate the pkcs12 file:

B4X: 
openssl pkcs12 -export -inkey private.key -in certificate_bundle.cer -out jetty.pkcs12 -passout pass:12345678


4. Generate the keystore for jetty to use:

B4X: 
keytool -importkeystore -noprompt -srckeystore jetty.pkcs12 -srcstoretype PKCS12 -srcstorepass 12345678 -destkeystore web.keystore -deststorepass 12345678

Ignore warning about "JKS keystore uses a proprietary format"

The keystore file is "web.keystore" with password "12345678"
 
Last edited:
You must log in or register to reply here.

Similar Threads

Erel
  • Article
B4J Library [server] LetsEncrypt SSL certificates
Replies
12
Views
1K
hatzisn
hatzisn
Erel
  • Article
B4J Library jServer v4.0 - Based on Jetty 11
2 3
Replies
41
Views
14K
aeric
aeric
alwaysbusy
  • Article
B4J Library ABKeystoreSSL: SSL Certificate generator using Let's Encrypt
2
Replies
20
Views
5K
alwaysbusy
alwaysbusy
tchart
  • Article
B4J Tutorial B4J Server: Requesting and Installing SSL Certificate
Replies
7
Views
11K
Angel Garcia
Angel Garcia
Erel
  • Locked
  • Article
B4J Tutorial [Server] SSL Connections
2
Replies
32
Views
27K
Erel
Erel
Top