tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Werner Schalk" <>
Subject Re: Problems with SSL-enabled Tomcat 5.5
Date Fri, 31 Aug 2007 15:10:01 GMT

interestingly it did not work for me in the end. Basically I can import the 
certificate and the private key to rebuild
the original keystore using AgentBob's Java code. Fine. Then when restarting 
Tomcat it does not complain anymore and everything appears
to be fine (Tomcat says something like "Server started" and no error 
messages whatsoever). However when
connecting to the SSL-enabled site, there is no error message coming up, but 
any browser (IE, Firefox, Konqueror)
fail to connect to the site saying that the certificate is invalid or 
corrupted (although one can still imspect it in
the cert properties of the respective browser). Any ideas on how to debug 
this problem? Tomcat appears to be
okay with the cert and the keystore but SSL is still not working?

@Christian: Did you have the same problem in the end or did it all work for 


----- Original Message ----- 
From: "Filip Hanik - Dev Lists" <>
To: "Tomcat Users List" <>
Sent: Friday, August 31, 2007 4:27 PM
Subject: Re: Problems with SSL-enabled Tomcat 5.5

> you need the private key in order to run SSL, but you can import the 
> private key, so ask the folks from your company for the private key, here 
> is the info how you import it,
> someone else posted it this week
> Filip
> bajistaman wrote:
>> I'm having the same problem. Some people from my company created the
>> Certificate Signing Request and the only thing that I've received was an
>> email with the certificate, then I tried to install it and I had the same
>> problems that Werner has. Do I have to do all over again from Tomcat from
>> the private key, CSR, ...?
>> Thanks,
>> Johann
>> #Generate a private key
>> keytool -storepass changeit -genkey -alias tomcat -keyalg RSA
>> #Generate the Certificate Signing Request (CSR)
>> keytool -storepass changeit -certreq -alias tomcat -file name.csr
>> #Send the CSR to get a certificate
>> #Import the intermediate cert
>> keytool -storepass changeit -import -alias intermediateCA -trustcacerts
>> -file intermediateCA.cer
>> #Import the cert
>> keytool -storepass changeit -import -alias tomcat -trustcacerts -file
>> name.cer
> ---------------------------------------------------------------------
> To start a new topic, e-mail:
> To unsubscribe, e-mail:
> For additional commands, e-mail: 

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message