tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christoph Lechner <>
Subject Re: Tomcat keeps breaking/SSL keystore troubles
Date Thu, 30 Aug 2007 17:27:37 GMT
Morris Jones wrote:
> Christoph, I hate these problems, they're always tough to work through,
> and keytool doesn't make it any easier.
> Did you use keytool to create your key and certificate request?  If you
> created the key and request outside of keytool, then keytool won't have
> the private key and can't import the certificate.
No, the CSR and the key were created using OpenSSL.

> In order to get your private key into the keystore, you need to use a
> bit of Java code.  See here:  <>
It worked for me!!! Thanks a lot for that link, without it I would be
screwed. But IMHO it's a flaw in the documentation of tomcat that they
don't mention how to do this sort of import of the .crt file and the
.key file as well. There are still people out there who don't believe in
the power on the keytool!

> There's no need for you to import the CA's root certificate.  It's
> already there.
That's right. I just did it, as most of the guides recommended it.

Thanks a lot
- C. Lechner

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message