Applies to:
Purpose:
In this article, you will find an overview on how to set up a new SSL certificate, install your wildcard certificate, generate a CSR or resolve certificate related error messages.
Solution:
Generating CSR from existing keystore
If you already have a Keystore on your Cryptshare Server and would like to generate a CSR (Certificate Signing Request) for a certificate authority please follow this article:
Installation of an existing SSL certificate (e.g. wildcard SSL certificate)
This article describes how to install an already existing SSL certificate (e.g. wildcard SSL certificate) to your Cryptshare Server
SSL certificate related errors:
Start failed after SSL KeyStore installation
A new KeyStore is created or a new SSL certificate is installed in the existing KeyStore, but the Cryptshare Server start failed after the KeyStore is installed.
The requested public SSL certificate cannot be imported
The requested SSL certificate cannot be imported into the Keystore with the following error:
- English: Could not establish trust for the CA Reply.
- German: Vertrauenskette für die CA Antwort konnte nicht erstellt werden.
The connection to LDAP cannot be established using SecureLDAP
If the connection to LDAP cannot be established using SecureLDAP, the cause is usually that a self-signed SSL certificate is installed on LDAP server, which cannot be trusted by Java.
Follow the steps below in order to import the LDAP SSL certificate to Java keystore of Cryptshare Installation: