BusinessObjects Board

Trying to setup SSL, using Tomcat vers 9

I am trying to setup SSL on of our web servers. We are using Tomcat/Apache vers 9, for BI 4.2 Sp8.

Does anyone know the exact steps that need to be taken?

This is what i have tried so far.
in the CMD window

  1. keytool -genkey -alias Tomcat1 -keyalg RSA -keystore Keystoretct01
    Once i do the above step i am getting this warning. I’ve tried this with and without doing this step.
    The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an
    industry standard format using “keytool -importkeystore -srckeystore Keystoretct01 -destkeystore
    Keystore tct01 -deststoretype pkcs12”.
    This is what gets created in my folder.
    Keystoretct01 Type File

  2. I generate the .csr file
    keytool -certreq -keyalg RSA -alias Tomcat1 -file ZWPDCBODWTCT01.csr -keystore Keystoretct01
    This file gets created, ZWPDCBODWTCT01.csr

  3. I send the ZWPDCBDWTCT01.csr file to our security team who then generates the .cer and root certificate.

They send me the .cer and root certificate. They generate the root certificate as .p7b extension.
I have certnew.cer and chain.p7b.
4. i try to import the chain(root) to the keystore file.
keytool -import -alias Tomcat1 -keystore Keystoretct01 -trustcacerts -file chain.p7b

Heres where i run into issues i am getting this error- Input not an X.509 Certificate
and this error.
Certificate reply does not contain public key for for Tomcat1

I have tried several things omitting stuff from the keytool, but nothing i try seems to be working.

Any help would be much appreciated.

It looks to me like you are following too many steps.

If you have a SAP Support login, try this KBA: 1648573 - How to configure SSL/TLS on Tomcat in BI 4.x.

I can’t help much more than this, we use a corporate certificate generating service and all I do is download a pkcs file from there.