tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sycamore Days <sycamored...@mac.com>
Subject Re: Re: Verisign SSL on Tomcat 5.5.9
Date Thu, 09 Feb 2006 00:34:02 GMT
Patrick,

Sure - I feel your pain!

Follow the instructions here on tomcat's site:

http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html#Installing a Certificate from a Certificate
Authority

Every step is correct, ***EXCEPT*** for the Verisign link:

   For Verisign.com go to: http://www.verisign.com/support/install/intermediate.html
 
That should be:

   http://www.verisign.com/support/verisign-intermediate-ca/Trial_Secure_Server_Root/index.html

The Trial Root Certificate is what you should use, not the Secure Site Intermediate.  That's
apparently for paid customers only.

Sycamore.




On Wednesday, February 08, 2006, at 04:28PM, Patrick Lacson <placson@gmail.com> wrote:

>Could you share the exact steps you used to get your system to work?
>
>On 2/8/06, Sycamore Days <sycamoredays@mac.com> wrote:
>>
>> Hi All!
>>
>> My problem is solved.  I was installing the wrong chain certificate.  I
>> was installing the site-pro cert instead of the Root Trial Cert.
>>
>> This is the cert I should have installed first:
>>
>> http://www.verisign.com/support/verisign-intermediate-ca/Trial_Secure_Server_Root/index.html
>>
>> NOT
>>
>> http://www.verisign.com/support/verisign-intermediate-ca/secure-site-intermediate/index.html
>>
>> That second one is the secure-site pro cert for PAID certs.  I needed the
>> Root Trial cert!
>>
>> Thanks for the suggestions.
>>
>>
>> On Wednesday, February 08, 2006, at 08:43AM, Scott Purcell <
>> spurcell@vertisinc.com> wrote:
>>
>> >Yes,
>> >That was the problem with my Tomcat 5.5, Verisign configuration. After
>> >following the Tomcat 5.5 docs, and the Verisign Tomcat docs, and them
>> >removing that dll, all is good.
>> >
>> >I have been running with the SSL for quite a while now. Also, if using
>> >Struts, the ssltext is awesome for controlling which pages get https and
>> >which get normal http. This eliminates the need to control everything
>> >through the <security-constraint element of the container.
>> >
>> >
>> >Scott
>> >
>> >
>> >
>> >-----Original Message-----
>> >From: Caldarale, Charles R [mailto:Chuck.Caldarale@unisys.com]
>> >Sent: Wednesday, February 08, 2006 10:04 AM
>> >To: Tomcat Users List
>> >Subject: RE: Re: Verisign SSL on Tomcat 5.5.9
>> >
>> >> From: Scott Purcell [mailto:spurcell@vertisinc.com]
>> >> Subject: RE: Re: Verisign SSL on Tomcat 5.5.9
>> >>
>> >> I struggled with the install for weeks, and after screwing
>> >> around, found out it was once executable that was in my
>> >> install (Tomcat) that was screwing things up.
>> >
>> >Are you thinking of the tcnative-1.dll (APR), rather than a .exe file?
>> >The SSL configuration is different when APR is in the game.
>> >
>> > - Chuck
>> >
>> >
>> >THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
>> >MATERIAL and is thus for use only by the intended recipient. If you
>> >received this in error, please contact the sender and delete the e-mail
>> >and its attachments from all computers.
>> >
>> >---------------------------------------------------------------------
>> >To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> >For additional commands, e-mail: users-help@tomcat.apache.org
>> >
>> >
>> >---------------------------------------------------------------------
>> >To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> >For additional commands, e-mail: users-help@tomcat.apache.org
>> >
>> >
>> >
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>
>
>--
>Patrick
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message