Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 2502 invoked from network); 14 Nov 2006 23:28:36 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 14 Nov 2006 23:28:36 -0000 Received: (qmail 53541 invoked by uid 500); 14 Nov 2006 23:28:34 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 52791 invoked by uid 500); 14 Nov 2006 23:28:33 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 52780 invoked by uid 99); 14 Nov 2006 23:28:32 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 14 Nov 2006 15:28:32 -0800 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received-SPF: pass (herse.apache.org: local policy) Received: from [203.25.40.75] (HELO rrmailscan3.safenetbox.biz) (203.25.40.75) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 14 Nov 2006 15:28:19 -0800 Received: from rrmailscan3.safenetbox.biz (rrmailscan3.safenetbox.biz [127.0.0.1]) by rrmailscan3.safenetbox.biz (Postfix) with ESMTP id 5E6F61D4843B; Wed, 15 Nov 2006 10:27:57 +1100 (EST) Received: from andrewf (unknown [10.30.149.33]) (Authenticated sender: remote) by rrmailscan3.safenetbox.biz (Postfix) with ESMTP id 02FBD1D48429; Wed, 15 Nov 2006 10:27:57 +1100 (EST) From: "Andrew Friebel" To: "'Andy Tipton'" , "'Tomcat Users List'" Subject: RE: Need help w/ installing certificate. Date: Wed, 15 Nov 2006 10:32:56 +1100 Message-ID: <003c01c70845$36782e80$21951e0a@andrewf> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2627 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2869 In-Reply-To: <005d01c70785$bdfd08f0$c801a8c0@tipton.com> Importance: Normal X-Virus-Checked: Checked by ClamAV on apache.org When you create a keystore, you get prompted with information regarding your server. This is your server certificate, and it identifies your server to other users. You would have created a certificate sign request that you sent to your CA to get your certificate signed. You sign your certificate so as others that trust your CA know that they can trust you. When you have a signed certificate, you need to import the CA certificate into your keystore to enable a trust chain. Once you have imported the CA certificate, then you need to import your signed certificate into your keystore (ensure you use the same alias when you created your certificate). You keystore should list this certificate as the 'keyEntry' when you list your keystore, and this will be the certificate presented to users when they access your server using SSL. Do not forget to enable tomcat to use SSL in the server.xml file. It may be a good idea for you to do internal testing using self signed certificates to understand them before getting them signed by a CA. Regards, Andrew Friebel -----Original Message----- From: Andy Tipton [mailto:artipton@tiptonshome.com] Sent: Tuesday, 14 November 2006 11:42 AM To: 'Tomcat Users List' Subject: Need help w/ installing certificate. Afternoon, I have my real certificate downloaded. I am trying to install it into my keystore so that is the one to be used. however, I am can't get it to work. Please help!! I am running these commands but I cannot get the keystore to look at the new certificate.. C:\Program Files\Java\jdk1.5.0_05\bin>keytool -import -alias intermed -keystore .keystore -trustcacerts -file sf_issuing.crt C:\Program Files\Java\jdk1.5.0_05\bin>keytool -import -alias tomcat5 -keystore .keystore -trustcacerts -file www.anythingphotos.com.crt I have tried creating a new '.keystore', but no luck. Could someone please help!! I am running out of ideas. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org