tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <wbar...@wilshire.com>
Subject Re: Cofiguring tomcat for trial certificate by trusted authorities like verisign not working.
Date Fri, 13 Mar 2009 02:21:24 GMT
Willing to try and play psychic ;).

Procedure 1 is what you want.  But the keystore must be the same one that 
you used to create the CSR you sent to Verisign.  This is by far the second 
most common mistake that people make when setting up Tomcat to use SSL.  As 
Chuck suggested, check if you are using APR (the SSL configuration options 
are different, and APR can't use a JKS keystore).  This is the most common 
mistake.  Verisign has an intermediate cert as well.  You'll likely need to 
import that as well.  And of course, import the Verisign root cert.


"Bhuvanesh Pattanashetti" <bhuvanmp@gmail.com> wrote in message 
news:bce69da80903120948v7c2f1693md9db7e74e6e3f994@mail.gmail.com...
> Hi all,
> I m trying to set up the SSL for tomcat server. I wanted to know what
> exactly is the procedure.
> here is what i have followed.
>
> Procedure 1.
>
>   1. Created my own keystore.
>   2. Imported the trial certificate (provided by Verisign ) into the
>   keystore.
>   3. Added a ssl connector component in to the conf/server.xml into tomcat
>   configuration file.
>   4. Started the Server, When tried accessing connector port from browser,
>   I got cannot display the webpage.
>   5.
>
> procedure 2 :
>
>   1. Created my own keystore.
>   2. Imported the trial certificate (provided by Verisign ) into the
>   keystore.
>   3. Imported the trial certificate (provided by Verisign ) into the
>   cacerts from jre/lib/security/cacerts.
>   4. Added a ssl connector component in to the conf/server.xml into tomcat
>   configuration file mentioning keyAlias pointing to imported certificate
>   alias.
>   5. Started the Server, at start up i got the folliwing exception
>
>   java.io.IOException: Alias name mykeyalias does not identify a key entry
>
> I had importing the root certificate or intrmediate certificate first 
> before
> importing trial verisign certificate suggested by tomcat.
> But none of the things are working :-( please suggest me.
> thanks in advance.
> Bhuvan P
> 




---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message