tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bruce Perryman <>
Subject Tomcat 5 and SSL Configuration
Date Mon, 25 Apr 2005 18:31:48 GMT

I'm using TC 5.0.19 and j2sdk1.4.2_04 on RedHat 9.

My SSL certificate expired and I received a new one
but haven't been able to get the new one to work. 

Here are the steps that I used to get the certificate
and import it into my keystore:

[1] keytool -genkey -alias tomcat
     -keyalg RSA -keystore .keystore
[2] keytool -certreq -alias tomcat
     -keystore .keystore -file tomcat.csr
[3] Submit tomcat.csr to Entrust and then
     retrieve entrust_ssl_ca.cer  (We used
     cut and paste, not file download.)
[4] shut down Tomcat
[5] keytool -delete -alias tomcat
      -keystore .keystore
[6] keytool import -trustcacerts
     -alias tomcat -file entrust_ssl_ca.cer
     -keystore .keystore
[7] restart tomcat
Instead of [6], we also tried:
[6a] keytool import -alias tomcat
      -file entrust_ssl_ca.cer -keystore .keystore

When I restart Tomcat and view my page, I get the
message that the page cannot be displayed.

In my catalina.out file, I see the following severe
error msg:

Endpoint [SSL: ServerSocket[addr=     ]] ignored
exception: SSL handshake No available
certificate corresponds to the SSL cipher suites which
are enabled.

Does anyone know what I'm doing wrong? I don't have
the exact steps that I performed with my previous
certificate, but the above steps are what I used for
the newly issued certificate.

Thanks, in advance, for your help.

Do you Yahoo!? 
Yahoo! Mail - 250MB free storage. Do more. Manage less.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message