Questions for SSL configuration

Hi,

we want to use our own Certificate for the dynaTrace Server Website. I found the description Configure SSL Communication#HowtoCreateaCustomKeystore and tried to make it like this, but it seems that I have overseen something.

We created our own .jks-File and added following lines in the dtserver.ini

-Dcom.dynatrace.diagnostics.communication.sslkeystorepassword=
-Dcom.dynatrace.diagnostics.web.ssl.keystore=conf/customkeystore.jks
-Dcom.dynatrace.diagnostics.web.ssl.password=
-Dcom.dynatrace.diagnostics.web.ssl.keypassword=

When I restart the server, I can't connect and the logs give me following errors

WARNING [CommunicationLayerUtils] error while initializing ssl environment: Keystore was tampered with, or password was incorrect: com.dynatrace.diagnostics.server.communication.CommunicationLayerUtils startSSLEnvironment:40
java.io.IOException: Keystore was tampered with, or password was incorrect

WARNING [ServerClientPassiveCommunication] Error while initializing server communication!: com.dynatrace.diagnostics.server.communication.ServerClientPassiveCommunication a:116
com.dynatrace.diagnostics.communication.tcp.exception.CommunicationException: unable to initialize server-socket DefaultServerSocketHandler-localhost:2031:SSL

WARNING [ServerCommunicationLayer] error while initializing collector communication layer!: com.dynatrace.diagnostics.server.ServerCommunicationLayer startInternal:137
com.dynatrace.diagnostics.communication.tcp.exception.CommunicationException: unable to initialize server-socket De
faultServerSocketHandler-*:6699:SSL

I was a bit surprised that the communication between collector and server is also affected...
So I tried the same parameters in the dtfrontendserver.ini, but there they are just ignored....

Do I make a mistake in configuration or is it really the keystore, which is corrupted? Will the ssl-key be used for the whole dynatrace-communication or just for the Website?

Hope someone has an idea.

Regards,

Jan