There have been a few similar posts, but none of them individually helped me to find the correct method to do this.
I have a company wide wild card ssl certificate issued by Network Solutions. I wanted to use this certificate on my installation of WHD which is running on Centos 7. Anytime you are prompted for a password, you MUST use the same password that is contained in whd.conf file. The default is 'changeit'. Use the following command to view this password on your system:
cat /usr/local/webhelpdesk/conf/whd.conf | grep KEYSTORE_PASS
1. First I made myself a working directory in my home directory. From this point I will call that path <working directory>.
2. I copied all of my files there from my CA. You will need these files: Certificate <domain>.crt, Private Key <domain>.key and the intermediate files or chain <domain>.chain.
3. Combine the private key file with the chain file. I called mine <domain>.keychain. Be sure to replace <domain> with the proper filenames for your install!
cat <domain>.key <domain>.chain > <domain>.keychain
4. Create a keystore file from the certificate and the "keychain" file you created above.
openssl pkcs12 -export -in <domain>.crt -inkey <domain>.keychain -name 'tomcat' -out keystore.p12
5. Change to WHD directory.
6. Stop WHD:
7. List the current keys stored there:
bin/jre/bin/keytool -list -keystore conf/keystore.jks
8. Delete keys owned by tomcat:
bin/jre/bin/keytool -delete -alias tomcat -keystore conf/keystore.jks
9. Import the keystore from your working directory:
bin/jre/bin/keytool -importkeystore -deststorepass changeit -destkeystore conf/keystore.jks -srckeystore <working directory>/keystore.p12 -srcstoretype PKCS12
10. Restart WHD.
Not too bad once you figure it out!