tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chris Campbell <>
Subject Tomcat4 standalone keystore - existing private key problem
Date Mon, 25 Feb 2002 03:38:13 GMT


I am trying to setup Tomcat 4.0.1 standalone to serve ssl pages certified by
Verisign. I can use (self signed) certificates generated by keytool with no
problem, but I can't set up the keystore to work with Verisign's.
To explain a little more, the private key I have was generated by openssl
(openssl genrsa -rand rand.dat -des 1024 > key.pem) and is of the type:

Proc-Type: 4,ENCRYPTED
DEK-Info: DES-CBC,91B2224E3C5D1BA5

If I try to import this into my keystore like 

keytool -import -file /root/key.pem

I get the error 'Input not an X.509 certificate'. Importing the certificate
reply from Verisign in the same way works no problem, but I know from
setting up Apache that the private key is also necessary right? And for
tomcat, it seems that it must be in the keystore (no other configuration
options as far as I know). I think everything would work if I could just get
that private key into a form that keytool understands, then into the
keystore... is this possible?



To unsubscribe:   <>
For additional commands: <>
Troubles with the list: <>

View raw message