tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dave Smith" <>
Subject Re: Tomcat and SSL and Palm Problem
Date Wed, 11 Oct 2000 00:54:13 GMT
Hi Adam,

Did you do something like this?

   keytool -import -trustcacerts -file mycert.cer

Notice the -trustcacerts flag.

Your host name has nothing to do with the cert.
The important part is the fully qualified domain name,
which has to match.

I am a little worried because I was pretty sure the
domain name was the OU, not the CN. You might
want to check what you have with keytool -list -v.


What I suspect from the error message
----- Original Message -----
From: "Adam Le" <>
To: <>
Sent: Wednesday, December 27, 2000 3:32 PM
Subject: Tomcat and SSL and Palm Problem

> Hi all,
> Has anyone had luck implementing a real CA signed certificate with Tomcat?
> I have been able to:
> - install JSSE 1.0.2 into Tomcat v3.2.1 Release
> - create my own self signed key pairs using keytool
> - create the CSR and sent it to VeriSign
> - import the Trial certificate from VeriSign
> Tomcat runs and listens on the proper ports (80, 443, and 8007)
> However, when my browser hits the SSL port, I get an error stating that
> Certificate Authority is Invalid or Incorrect.  A litle research into this
> revealed that the cause is that hostname on the server doesn't match the
> Common Name in the Certificate.  I have not found an option to set the
> name in Tomcat, except through Virtual Hosts; even then that didn't work.
> DNS and the CommonName on the Certificate are the same.  The browser is a
> only Mozzila 2.0 compliant (palm os browser).  Desktop browsers have no
> problem visiting the HTTPS site... only the palm os browser does.
> Is there an option to set the ServerName like there is in Apache? Or does
> anyone see what I am missing here?
> Thanks In Advance.
> Adam

View raw message