Opmanager and comodo ssl
Hi
Im trying to use comodo ssl in opmanager linux server
i added certs to keystore:
./keytool -genkey -keyalg RSA -keysize 2048 -keystore OpManager.truststore -alias opmanager
./keytool -certreq -keyalg RSA -file domain.csr -keystore OpManager.truststore -alias opmanager
./keytool -import -trustcacerts -alias CARootCert -file AddTrustExternalCARoot.crt -keystore OpManager.truststore
./keytool -import -trustcacerts -alias CAInterCert -file COMODORSAAddTrustCA.crt -keystore OpManager.truststore
./keytool -import -trustcacerts -file opmanager_wavecom_ee.crt -keystore domain.keystore -alias opmanager
Comodo have 2 Intermediate certs which i add both to file COMODORSAAddTrustCA.crt
Keys was iported successfully, modified ssl_server.xml as needed .
I can see in brawser correct certificate but root cert gives error
" This CA Root certificate is not trusted because it is not in the Trusted Root Certification Authorities store"
Opmanaged guide
https://download.manageengine.com/network-monitoring/for-upload/Third-Party-SSL-Steps.pdf is most probably outdated and its also for windows only
Also ssl with default or third party certificate is not usable with some brawsers because weak ciphers
An error occurred during a connection SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)
How to fix issues ?