Help with SSL for Burst Wallet Online
-
@haitch centos 7, java 8
-
@xaocs You'll have to convert the instructions to their Linux equivalent - I've only done it under Windows. The only thing really that should be different is setting up the path statement.
-
@haitch
also, last thing,
I had my csr signed, and was given 2 files
intermediate .crt
mydomain .crt
so.. for #5-6
? replace pem with crt correct?
-
@haitch I also keep getting this error on step 5
keytool error: java.lang.Exception: Input not an X.509 certificate
-
@xaocs yes, the command assumes a base 64 encoded certificate - either .crt or .pem should be fine
-
@haitch My error up top. I tried to use the crt, no luck. same error, even converted to p7b it didn't work.
-
@xaocs what is the error you're receiving, and at which step ?
-
I did step #4, which gave me a jks
then went and got an intermediate crt and my domain crt
intermediate .crt
mydomain .crt
so.. for #5-6
importing them seems to give me the keytool error I mentioned above. So, I don't use java often, especially not ssl with it, so keytool is a new creature to me. how can I take just the CA bundle and my domain .crt and import those to the keystore?
both .crt files
-
@xaocs d the message about the error you were getting.
one of the possibilities is that the CSR needs to come from the Keystore - are you able to regenerate a new cert for the domain? If so, to create the CSR:
keytool -certreq -alias <your domain> -keystore keystore.jks -file mydomain.csr
Now open the mydomain.csr file in notepad, copy the ENTIRE contents. Goto your cert provider, paste in the contents of the .csr, next, select the< your domain> domain.
Copy the generated certificate into notepad and save as <wallet_dir>\conf\ssl.crt
Also download and save the intermediate and root CA certs into the conf dir.
-
Have you guys tried to enable UI also via SSL here?
I've turned the SSL on in the nxt-default.properties, but after loading the webpage, it looks like it's still trying to load some css-es via HTTP.
Because modern web browsers are blocking this kind of behaviour (calling it insecure, that some of the webpage is via HTTPS, and some via HTTP), whole wallet looks crappy, and is not working at all:
image url)
-
@axadiw96 In <wallet dir>\html\ui\index.html change the http references to https
-
thanks, I've changed http to https-es, in tyhis index.html, and also in one of the js files that were used by the wallet.
You can check changes here: https://github.com/Axadiw/burstcoin/commits/master
