tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hein Behrens" <i...@curvaciones.com>
Subject Re: SSL configuration question
Date Fri, 01 Apr 2005 06:32:25 GMT
I thought the two are not related my key is stored in the java keystore. I
did everything with keytool, part of java.

Tomcat only needs the password and name.

The SSL certificate is not generated for or by tomcat.

Hein




----- Original Message ----- 
From: "Mikhail Kruk" <meshko@cs.brandeis.edu>
To: "Tomcat Users List" <tomcat-user@jakarta.apache.org>
Sent: Thursday, March 31, 2005 11:42 PM
Subject: RE: SSL configuration question


> > The certificate I imported was not self-signed (or should not be).  It
is
> > what I received back from Entrust after submitting a CSR. It was already
in
> > use on Apache before I decided not to use Apache anymore.  It worked
before
> > on Apache. I shut down apache and was intending to use the cert on only
> > Tomcat.
>
> You can't easily import the certificate that was generated for Apache into
> Tomcat -- you need to have the prvite key part in your keystore and your
> private key is in your Apache.  There must be a way to get the key from
> Apache and move it to Tomcat, but I'm not sure what it is.
> This might help:
> http://kb.thawte.com/thawte/thawte/esupport.asp?id=vs24694
>
> >
> >
> > Thanks,
> > -Mark
> >
> >
> > -----Original Message-----
> > From: Sasisekar S Sundaram [mailto:sekarmdu@louisiana.edu]
> > Sent: Thursday, March 31, 2005 2:43 PM
> > To: Tomcat Users List
> > Subject: Re: SSL configuration question
> >
> > It shows both "issued to" and "issue by" because it is a self signed
> > certificate. when you get you certificate authorized by some one like
> > verisign, and then import that certificate into your keystore, you'll
get
> > "issued by" as that certifying authority's name.
> > ----- Original Message -----
> > From: "Faine, Mark" <Mark.R.Faine@msfc.nasa.gov>
> > To: "'Tomcat Users List'" <tomcat-user@jakarta.apache.org>
> > Sent: Thursday, March 31, 2005 1:13 PM
> > Subject: RE: SSL configuration question
> >
> >
> > > Thanks, I tried that before and got a permission error, but it works
now.
> > >
> > > -Mark
> > >
> > >
> > > -----Original Message-----
> > > From: Hein Behrens [mailto:info@curvaciones.com]
> > > Sent: Thursday, March 31, 2005 12:41 PM
> > > To: Tomcat Users List
> > > Subject: Re: SSL configuration question
> > >
> > > Answer to number 2 is edit your server.xml change 8443 to 443 in the
ssl
> > > section also check that the the normal port redirects to 443.
> > >
> > > Where you see 8443 change to 443.
> > >
> > > 2 changes in your server.xml.
> > >
> > >
> > > ----- Original Message -----
> > > From: "Faine, Mark" <Mark.R.Faine@msfc.nasa.gov>
> > > To: <tomcat-user@jakarta.apache.org>
> > > Sent: Thursday, March 31, 2005 7:44 PM
> > > Subject: SSL configuration question
> > >
> > >
> > > > Solaris 8, Tomcat 5.0.28
> > > >
> > > > I've configured my tomcat installation with my SSL key from Entrust
and
> > it
> > > > is working (sort of).
> > > >
> > > > 1.  It is not correctly configured.  It shows my organization as
both
> > > > "issued to" and "issue by" when I view the certificate information.
> > Could
> > > > someone explain what I have done wrong and how to correct it.
> > > >
> > > > 2.  It must be run on port 8443 because I need to run it as a user
other
> > > > than root.  How can I bypass this limitation and run it on the
standard
> > > 443
> > > > port?
> > > >
> > > > Thanks,
> > > > -Mark
> > > >
> > >
> ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > > > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> > > >
> > > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> > >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message