james-server-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dgarvey <dgar...@collab.net>
Subject Re: using SSL cert
Date Fri, 08 Jun 2012 19:56:14 GMT
The clients need the CA and/or intermediate CA(root cert) if not already 
there in the trust-store ie (cacerts). If self-sign, then you need a 
private CA that signs "self-signed" cert.


On 05/08/2012 09:15 AM, Young Gu wrote:
> How do you install your SSL certification?  What client are you using? 
> Can you post the log details?
> Please be free to contact with me for any question or suggestion.
> Thanks&  Best Regards .
> ------------------------------------------------------------------
> Young Gu
> Software Engineer
> http://www.infor.com
> On 05/08/2012 10:52 PM, roy.james@xemaps.com wrote:
>> Hello,
>> So I can't seem to figure out how to get our SSL cert working on 
>> James so I was hoping someone could help me out?
>> I generated an RSA 2048 private key and certificate request using 
>> openssl.  I've read on googles that this is probably where I 
>> originally went wrong as some people claim that if you do not use a 
>> java keystore from the beginning to generate the request then its 
>> never going to work.
>> Anyway I got my certificate from entrust which has a chain cert and a 
>> root cert.  I went through their instructions (and others) and 
>> imported the root cert and then the chain cert and then finally our 
>> cert.  Attempting to use the cert gives me a "no cipher suites in 
>> common" error.
>> Doing research on this I find out that I need the private key in the 
>> keystore since I did not generate the request from keytool with a 
>> keystore orginally.  So I tried with the keystore I already had as 
>> well as a keystore from scratch.  When I do this I see SSL 
>> communication but it looks like its referencing some default 
>> self-signed cert I created for testing or someone had added to the 
>> default java keystore?  The instructions I used I found here:
>> http://stackoverflow.com/questions/906402/importing-an-existing-x509-certificate-and-private-key-in-java-keystore-to-use-i

>> Was hoping to avoid re-doing the cert.  Does anybody have experience 
>> with setting up SSL?
>> Regards,
>> Roy
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
>> For additional commands, e-mail: server-user-help@james.apache.org

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message