I need a certificate for my server (rest api / https)
In AWS Certificate manager i did create a private CA, after that a private certificate and made an export of it.
The export gave me 3 files
these are pem files
i did try to create a p12 or jks file with openssl but they didnt work, the app kind of crashes with
javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
i get this ^^ with openssl pkcs12 -export -inkey private_key.pem -in all.pem -name test -out server.p12
when i try a get endpoint in browser, i get a response but the browser says "certificate is not trusted"
i am not sure if i am creating the p12 file in a wrong way or if there is am issue with my steps before with aws
Make sure that you private CA is trusted in your endpoint browser, if not, you have to import it to trusted issuer list(trusted CA) in your browser certificate manager.
Use -certfile parameter to openssl to include your CA:
openssl pkcs12 -export -inkey private_key.pem -in all.pem -certfile yourca.pem -name test -out server.p12
Without this parameter, server.p12 may contain just one certificate and private key. Check your server.p12:
openssl pkcs12 -in server.p12
Make sure that your CA included now.