tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Peter Betz" <>
Subject SSL problem
Date Mon, 05 Sep 2005 10:27:41 GMT

I am having a problem here. I am using Jakarta Tomcat V5.5 (part of
jboss-4.0.2) and j2sdk1.4.2_08 on a Redhat Linux server.
I having been trying to register a signed certificate but have thus far
being unsuccessful.
It always comes out as a self-signed certificate. What am I doing wrong?
Details are as follows:

Here is what I have been doing:
Logged in and performed commands as jboss user because the J2EE and Jakarta
Tomcat environment is run under jboss user.

1. Generate a private key with the following command:
$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA -keystore

2. Generate the Certificate Signing Request (CSR)
$JAVA_HOME/bin/keytool -certreq -alias tomcat -keystore k-factor88.kdb -file

3. Generate the Server Certificate
Submit k-factor88.csr to root certification authority and save returned
certificate into k-factor88.cer

4. Import the Server Certificate
$JAVA_HOME/bin/keytool -import -trustcacerts -keystore k-factor88.kdb -alias
root -file k-factor88.cer
Note: Keytool confirms that the certificate has been signed by a
certification authority. I choose to trust it.

5. Import the Trust Certificate
$JAVA_HOME/bin/keytool -import -trustcacerts -keystore k-factor88.kdb -alias
jboss -file UTN.cer
Note: UTN.cer is the certification authority certificate and needs to be

     <Connector port="8443" address="${jboss.bind.address}"
           maxThreads="100" strategy="ms" maxHttpHeaderSize="8192"
           scheme="https" secure="true" clientAuth="false"
           keystorePass="changeit" sslProtocol = "TLS" />

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message