I don't know if it's just copy/paste errors, but from what you've written,
you've imported the ca cert twice, and into a different keystore file than
you used to generate the key.
What does > keytool -list say?
"Jeanna Geier" <jgeier@apt-cafm.com> wrote in message
news:007001c6d378$7214f470$6700a8c0@geier...
Hi All-
I'm running into an odd problem and am hoping that someone out there can
help me!
I'm trying to configure and run SSL; I am able to create, startup and run
everyting when I am using a self-signed certificate. (Yeah!)
However, when I attempt to use a trial certificate from thawte (which is
where we want to get to), I am getting an error. Here's what I'v done
(http://tomcat.apache.org/tomcat-5.0-doc/ssl-howto.html):
- created a local Certificate: >keytool -genkey -alias tomcat -keyalg RSA
I didn't get a 'chain certificate' with my free trial, so for the next
step, I imported the certificate I got from Thawte:
- keytool -import -alias root -keystore C:\Documents and
Settings\HP_Administrator\.keystore -trustcacerts -file
C:\thawte_ca_cert.cert
Then I imported the new certificate under my tomcat user:
- keytool -import -alias tomcat -keystore C:\Documents and
Settings\HP_Administrator\.keystore -trustcacerts -file
C:\thawte_ca_cert.cert
According to the directions, that should be it; however, when I go to start
Tomcat, I get the following error:
at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.acceptSocket(JSSESocketFactory.java:113)
at
org.apache.tomcat.util.net.PoolTcpEndpoint.acceptSocket(PoolTcpEndpoint.java:368)
at
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:549)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)
at java.lang.Thread.run(Thread.java:595)
Sep 8, 2006 1:34:04 PM org.apache.tomcat.util.net.PoolTcpEndpoint
acceptSocket
WARNING: Reinitializing ServerSocket
Sep 8, 2006 1:34:04 PM org.apache.tomcat.util.net.PoolTcpEndpoint
acceptSocket
SEVERE: Endpoint [SSL:
ServerSocket[addr=0.0.0.0/0.0.0.0,port=0,localport=443]] ignored exception:
java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException: No
available certificate or key corresponds to the SSL cipher suites which are
enabled.
java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException: No
available certificate or key corresponds to the SSL cipher suites which are
enabled.
When I search/google on this, it says that one cause could be "different
passwords has been used for the certificate and the Keystore. In this case,
use the Keytool to change the password of the certificate to match the
password of the Keystore." - but that's not the case.
Please, any help you can offer would be greatly appreciated. Thanks!
-Jeanna
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
|