tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Filip Hanik - Dev Lists <devli...@hanik.com>
Subject Re: Tomcat keeps breaking/SSL keystore troubles
Date Thu, 30 Aug 2007 18:01:54 GMT
Christoph Lechner wrote:
> Filip Hanik - Dev Lists wrote:
>   
>> my guess is that the keystore file doesn't contain your private key,
>>     
> Hi,
>
> that's right. Actually the file sent to the CA was created using OpenSSL
> (as far as I remember). So the keystore isn't the one used to create the
> CSR. Among the files I have at the moment, there's a .key file, but how
> to import it?
>   
then you have two options
1. The one you mentioned, import the key, I have no idea how, but I'm 
sure it's doable
2. Use the Tomcat APR connector, this connector uses OpenSSL 
certificates and keys
   And the benefit here, is that you get twice as fast SSL to Tomcat, 
way better than Java SSL


Filip
> When I dump the self signed certificate that is known to work, I get:
> dummy@ab-server1:/tmp$ keytool -list -keystore my.keystore
> Enter keystore password:  changeit
>
> Keystore type: jks
> Keystore provider: SUN
>
> Your keystore contains 1 entry
>
> tomcat, Jul 19, 2007, keyEntry,
> Certificate fingerprint (MD5):
> 1D:31:E7:09:DF:AC:ED:B2:A7:09:36:06:E9:B6:69:DD
>
> BTW: Looks like it's the same problem like in the thread "Re: Problems
> with SSL-enabled Tomcat 5.5"
>
> CU
> - C. Lechner
>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
>   


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message