geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vamsavardhana Reddy" <c1vams...@gmail.com>
Subject Re: Certificate setup - Geronimo 1.1.1
Date Mon, 13 Nov 2006 14:51:29 GMT
Bob,

The KeyStore portlet functionality in 1.1.1 has been tested.  I have done
end-to-end test of importing trusted certificate, importing CA reply,
setting up HTTPS with Client Authentication and sample applications.  I did
not come across any problems.  If you send the root, intermediate and your
personal certificate, I will be able to investigate the problem (if indeed
there is one).

Thanks,
Vamsi

On 11/13/06, Bob Dushok <bdushok@mac.com> wrote:
>
> I was expecting an error to appear within the console is something
> had gone wrong during the keystore operations.  I just checked the
> server logs and found the following errors:
>
> When importing the intermediate certificate (as a trust certificate):
> 47825: 19:20:15,746 ERROR [ConfirmCertificateHandler] Unable to
> import certificate
>
> When importing the CA root certificate (as the trust certificate):
> 47897: 19:22:23,388 ERROR [FileKeystoreInstance] Unable to import
> certificate
>
> When attempting to import the CA reply:
> 47826: 19:20:52,707 ERROR [BaseKeystoreHandler] Error importing CA reply
>
> TIA,
> Bob
>
> On Nov 12, 2006, at 7:33 PM, Bob Dushok wrote:
>
> > I'm having difficulty completing the setup of an HTTPS listener.
> > I'm following the docs named "Certificate Properties File Realm" at
> > "http://cwiki.apache.org/confluence/display/GMOxDOC11/Certificate
> > +Properties+File+Realm".
> >
> > I've created the keystore, generated the private key, and generated
> > a CSR without a problem.   I've submitted the CSR to GoDaddy and
> > have obtained their reply.
> >
> > When I click "Import CA Reply" I copy/paste the data from GoDaddy
> > (including the BEGIN CERTIFICATE and END CERTIFICATE lines), but
> > Geronimo seems to ignore my entry.  No errors appear.  I'm placed
> > back on the keystore config page and the issuer is still listed as
> > myself, not GoDaddy (Starfield).
> >
> > Any suggestions on how to proceed would be appreciated.
> >
> > In addition to their reply, GoDaddy also provides a root and
> > intermediate certificate.  I assume the root certificate is what I
> > need to add as a trusted certificate, but Geronimo again refuses to
> > accept it.  How do I add the intermediate certificate to my config?
> >
> > Thanks,
> > Bob
>
>

Mime
View raw message