Return-Path: Delivered-To: apmail-geronimo-user-archive@www.apache.org Received: (qmail 66680 invoked from network); 13 Nov 2006 01:47:56 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 13 Nov 2006 01:47:56 -0000 Received: (qmail 32122 invoked by uid 500); 13 Nov 2006 01:47:50 -0000 Delivered-To: apmail-geronimo-user-archive@geronimo.apache.org Received: (qmail 32106 invoked by uid 500); 13 Nov 2006 01:47:50 -0000 Mailing-List: contact user-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: user@geronimo.apache.org List-Id: Delivered-To: mailing list user@geronimo.apache.org Received: (qmail 32094 invoked by uid 99); 13 Nov 2006 01:47:50 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 12 Nov 2006 17:47:50 -0800 X-ASF-Spam-Status: No, hits=3.5 required=10.0 tests=FROM_HAS_MIXED_NUMS,HTML_MESSAGE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (herse.apache.org: domain of c1vamsi1c@gmail.com designates 64.233.182.191 as permitted sender) Received: from [64.233.182.191] (HELO nf-out-0910.google.com) (64.233.182.191) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 12 Nov 2006 17:47:34 -0800 Received: by nf-out-0910.google.com with SMTP id l23so311841nfc for ; Sun, 12 Nov 2006 17:47:13 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=izZ8ikDJNYXe9amNDxIS4PNBLYo79t7MRIh+vD88Cotdp7cbVpavDztY6n5M0CWKU42rEi8cpuNHfxX6FRh/jhE76AUeZnO53H6Jy6nHB6veVWL1HaugPvA/9KoFRwuU8xQMgzKdJY7ogaavq8ETDC0E9xfxoK1R55jgaW9AsA4= Received: by 10.49.8.10 with SMTP id l10mr9162122nfi.1163382432601; Sun, 12 Nov 2006 17:47:12 -0800 (PST) Received: by 10.49.11.12 with HTTP; Sun, 12 Nov 2006 17:47:12 -0800 (PST) Message-ID: <22d56c4d0611121747t6a0de713o2e0d290e99cde305@mail.gmail.com> Date: Mon, 13 Nov 2006 07:17:12 +0530 From: "Vamsavardhana Reddy" To: user@geronimo.apache.org Subject: Re: Certificate setup - Geronimo 1.1.1 In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_77886_10890634.1163382432561" References: X-Virus-Checked: Checked by ClamAV on apache.org ------=_Part_77886_10890634.1163382432561 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Hi Bob, Can you send the root, intermediate and the certificate issued in reply to CSR? You should not have any problem in sending these as you are not revealing any private-keys. Thanks, vamsi On 11/13/06, Bob Dushok wrote: > > I'm having difficulty completing the setup of an HTTPS listener. I'm > following the docs named "Certificate Properties File Realm" at > "http://cwiki.apache.org/confluence/display/GMOxDOC11/Certificate > +Properties+File+Realm". > > I've created the keystore, generated the private key, and generated a > CSR without a problem. I've submitted the CSR to GoDaddy and have > obtained their reply. > > When I click "Import CA Reply" I copy/paste the data from GoDaddy > (including the BEGIN CERTIFICATE and END CERTIFICATE lines), but > Geronimo seems to ignore my entry. No errors appear. I'm placed > back on the keystore config page and the issuer is still listed as > myself, not GoDaddy (Starfield). > > Any suggestions on how to proceed would be appreciated. > > In addition to their reply, GoDaddy also provides a root and > intermediate certificate. I assume the root certificate is what I > need to add as a trusted certificate, but Geronimo again refuses to > accept it. How do I add the intermediate certificate to my config? > > Thanks, > Bob > ------=_Part_77886_10890634.1163382432561 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline Hi Bob,

Can you send the root, intermediate and the certificate issued in reply to CSR?  You should not have any problem in sending these as you are not revealing any private-keys.

Thanks,
vamsi

On 11/13/06, Bob Dushok <bdushok@mac.com> wrote:
I'm having difficulty completing the setup of an HTTPS listener.  I'm
following the docs named "Certificate Properties File Realm" at
" http://cwiki.apache.org/confluence/display/GMOxDOC11/Certificate
+Properties+File+Realm".

I've created the keystore, generated the private key, and generated a
CSR without a problem.   I've submitted the CSR to GoDaddy and have
obtained their reply.

When I click "Import CA Reply" I copy/paste the data from GoDaddy
(including the BEGIN CERTIFICATE and END CERTIFICATE lines), but
Geronimo seems to ignore my entry.  No errors appear.  I'm placed
back on the keystore config page and the issuer is still listed as
myself, not GoDaddy (Starfield).

Any suggestions on how to proceed would be appreciated.

In addition to their reply, GoDaddy also provides a root and
intermediate certificate.  I assume the root certificate is what I
need to add as a trusted certificate, but Geronimo again refuses to
accept it.  How do I add the intermediate certificate to my config?

Thanks,
Bob

------=_Part_77886_10890634.1163382432561--