tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <>
Subject Re: Help please: Tomcat 4.1.24 enable SSL
Date Thu, 24 Apr 2003 05:44:13 GMT
I'm assuming that you have done the obvious, and set the keystoreType
attribute on the Factory.

I've had problems with JSSE1.1.x (the JDK1.4 version) with reading a pkcs12
keystore that was generated by OpenSSL to include certificate chain.  I
guess that you have to complain to Sun (or other JDK vendor about this :).
Using a pkcs12 keystore works fine when it just has the server-cert, and
I've imported the signer into the cacerts.

"Balakrishna Kudaravalli" <> wrote in message
> Hi All,
> Update to my earlier mail:
> I am able to access https:// with the default generated certs. However,
> After I had imported the server cert (given by my internal IT folks) into
> keystore and specified the keystoreFile & keystorePass attribute in
> server.xml Tomcat startsup but https:// does not work and there is no
> exception logged (http:// works fine though).
> Wondering if any one of you had got this problem. Any info, would be very
> helpful.
> Thank you.
> -Bala
> Hi All,
> Issue: Enabling SSL for Tomcat 4.1.24
> 1. I have created a cert using keytool -genkey -alias tomcat -keyalg
> RSA  and have given a password "changeit" (default)
> 2. Uncommented SSL coyote HTTP/1.1 connector in server.xml. Since the
> Keystore is at a deafault loc, I have not given a keystoreFile attribute
> 3. On starting up Tomcat, HTTPS works fine
> Issue:
> 4. Now, I need to replace the default cert with the certs provided by our
> internal folks. How do I do that ? the certs provided to me are in pkcs 12
> format:
> 5. Should I convert the pkcs12 certs into x509 ?
> 6. What certs should I import into the keystore (server, client, ca) ?
> Your help would be greatly appreciated.
> Thank you,
> -Bala

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message