tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jon Roberts <>
Subject Re: setting the trust store
Date Wed, 10 Sep 2003 15:36:13 GMT
Problem solved. I was using the same dn for the CA cert as for the 
server cert and I think that's where it was failing.

Jon Roberts

Jon Roberts wrote:
> I am writing a servlet that connects to remote servers using SSL 
> sockets. Although I can create SSL connections to these servers using 
> other software, I can't seem to get my servlet to trust the certificate 
> in tomcat.
> The crux of the problem seems to be that I used a local CA. I import my 
> ca certificate into a keystore:
> keytool -import -alias myca -keystore /usr/local/tomcat/conf/catrust.jks 
> -trustcacerts -file /tmp/cacert.pem
> I use a password of "changeit". Then in the tomcat launch script I have:
> Yet I still get the following thrown from within my servlet:
> Signature verification failed
> What could be causing this to fail? As I said, this certificate and CA 
> combination works fine for SSL through non-Java clients.

View raw message