When configuring the TIBCO Spotfire Server to use HTTPS, there may be discrepancies between the certificates in the keystore and the server configuration settings. You can use the command described in this article to list all of the certificates stored in the keystore that is used.  There are cases where you might not know the exact certificateKeyAlias that is stored in the keystore or that you are using a different certificate, all of which can cause issues when configuring HTTPS.

For example, this command can also help you solve the "Alias name[certificate_alias_name] does not identify a key entry" error seen in catalina.log as described in KB article 000036920.

<install directory>\jdk\bin\keytool -list -keystore <install directory>\tomcat\certs\spotfireserver.jks

> C:\tibco\tss\7.11.0\jdk\bin\keytool -list -keystore C:\tibco\tss\7.11.0\tomcat\certs\spotfireserver.jks

Returns:
Keystore type: JKS
Keystore provider: SUN

Your keystore contains 2 entries

tss_clientcert, 2019-dec-16, trustedCertEntry,
Certificate fingerprint (SHA1): 9E:06:B5:8F:69:BF:D4:E0:EA:7F:E7:EC:F9:04:51:0B:12:7A:5B:46

serverkey, 2019-dec-16, PrivateKeyEntry,
Certificate fingerprint (SHA1): 4E:7F:41:40:81:02:B0:C4:16:53:B1:DF:39:FF:D4:3A:B6:CD:58:07

• https://docs.tibco.com/pub/spotfire_server/7.11.2/doc/html/TIB_sfire_server_tsas_admin_help/GUID-58E436B3-A057-431C-B65C-92FCE34AB224.html

• https://support.tibco.com/s/article/Error-Alias-name-does-not-identify-a-key-entry