[jboss-user] [PKI concepts] Why Jboss need (signed cert and) root-cert in PEM format?

Sven Aluoor aluoor at gmail.com
Fri Jan 22 04:50:22 EST 2010

Hi folks

We have here a Jboss app and web server. We signed the SSL-certificate
that end-user don't have ugly error messages. I don't understand why
we need to import the Root-Cert in PEM format?

$ keytool -import -trustcacerts -file rootcert.pem -keystore
myserver.keystore -alias root

The Root-Cert is in web browser, why there is a must to import in keystore?

Did I misunderstood PKI basics?

cheers Sven

More information about the jboss-user mailing list