Subsonic Forum

[Xylex]

I have been trying to get a Purchased SSL certificate to work for weeks now.
Every forum and every explanation for accomplishing this either has false information or seems to skip some crucial step.

What I have:
I have a Debian VM dedicated strictly to subsonic.
https://subsonic.dragonstripes.net

I already have the Certificates
Request, Private And Rapid SSL certificates.

You will notice if you got to that URL, that my certificate was issued in 2011 and doesn't expire for over 200 years.
Something is clearly not right.

Any direct, and clear instructions for what I may be doing wrong would be greatly appreciated.

[Aethies]

I am not sure what you are trying to do, but I will post what I did from start to finish when I was getting my cert. Mind you, I turned off the domain name option in subsonic. I got my own domain name and then got the cert for that domain name.

I did this because I was trying to get the Roku box working with Subsonic. The issue was the fact that it doesn’t support self signed certs. Has to be a CA recognized certificate.

________________
In order to have a certificate, I needed a domain. So I did that.

To get a cert, the following had to be done:

1. Generate a private key on the server

Code: Select all

openssl genrsa -des3 -out server.key 2048

2. Generate a CSR (Certificate Signing Request)

Code: Select all

openssl req -new -key server.key -out server.csr

3. Submitted this to the SSL people and bam! Got the SSL cert for the site.


Next, since Subsonic doesn’t use apache (the current build I use is a standalone version that uses Java) how to get the cert to work with the site. A friend of mine found a post showing how to inject it into the jar file. There are four commands that needed to be run.

1. Combine the certs together into one file (there are multiple ways to do this, I chose the easiest way in linux)

Code: Select all

cat private.crt servercert.crt intermediate.crt > echo subsonic.crt

2. Convert the cert from PEM to PKCS12 so java can use it.

Code: Select all

openssl pkcs12 -in subsonic.crt -export -out subsonic.pkcs12

3. Create Java keystore

[code\keytool -importkeystore -srckeystore subsonic.pkcs12 -deskeystore subsonic.keystore -srcstoretype PKCS12 -srcalias 1 -destalias tomcat[/code]

4. Import the keystore into the jar file

Code: Select all

zip /var/subsonic/standalone/subsonic-booter-jar-with-dependencies.jar subsonic.keystore

Start subsonic and you should be good to go!

One very important thing to note: When asked for a password for the keystore or keys, use subsonic as the password. Any other password used and it will fail on starting subsonic.

__________________

This is what I did, start to finish. Only bad thing, I have to do this each time there is an update. But that is all good as long as it works...

[Xylex]

I am not sure what you are trying to do

As the first sentence in my post states...
I am trying to get a purchased SSL certificate working.

The instructions you gave me do no help, As I also stated that I already have the RSA, Private, Intermediate and Server certificates.
I simply do not know how to get them working in Subsonic.

[Aethies]

Then combine those certs and then inject them into the .jar file.

[Xylex]

Then combine those certs and then inject them into the .jar file.

Can you clarify on that please?
Every set of instructions I have read to accomplish this have all failed.

[Aethies]

From a command line in linux, type

Code: Select all

cat Request.crt Private.crt Rapid SSL.crt > echo subsonic.crt

^^^^^ This command combines all three into one cert.

Then take that file, subsonic.crt and convert the cert from PEM to PKCS12 so java can use it.

Type the following at the prompt,

Code: Select all

openssl pkcs12 -in subsonic.crt -export -out subsonic.pkcs12

to convert the crt to be readable by java.

Create the java keystore:

Code: Select all

keytool -importkeystore -srckeystore subsonic.pkcs12 -deskeystore subsonic.keystore -srcstoretype PKCS12 -srcalias 1 -destalias tomcat

Then import the keystore into the subsonic.jar file

Code: Select all

zip /var/subsonic/standalone/subsonic-booter-jar-with-dependencies.jar subsonic.keystore

If you type these steps in order exactly, you will get your subsonic using the SSL cert that you recieved.

[Xylex]

From a command line in linux, type

Code: Select all

cat Request.crt Private.crt Rapid SSL.crt > echo subsonic.crt

^^^^^ This command combines all three into one cert.

Then take that file, subsonic.crt and convert the cert from PEM to PKCS12 so java can use it.

Type the following at the prompt,

Code: Select all

openssl pkcs12 -in subsonic.crt -export -out subsonic.pkcs12

to convert the crt to be readable by java.

Create the java keystore:

Code: Select all

keytool -importkeystore -srckeystore subsonic.pkcs12 -deskeystore subsonic.keystore -srcstoretype PKCS12 -srcalias 1 -destalias tomcat

Then import the keystore into the subsonic.jar file

Code: Select all

zip /var/subsonic/standalone/subsonic-booter-jar-with-dependencies.jar subsonic.keystore

If you type these steps in order exactly, you will get your subsonic using the SSL cert that you recieved.

I apologize for the VERY late response... but I am still unable to get this going.
I followed your instructions to a T without an issue, except that subsonic doesn't even start up with that keystore in it.

Any ideas?