tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <>
Subject Re: SSL Configuration Errors
Date Fri, 06 Jan 2012 22:20:12 GMT
Hash: SHA1


On 1/6/12 2:56 PM, Justin Larose wrote:
> This Tomcat environment was setup long before I worked here, so I
> am just upgrading from an older version to 7.0.23 and trying to not
> use a self signed certificate.

It's important for you to know if your app actually requires client
authentication. Since your <Connector> says clientAuth="true", it
means that all clients must present a valid certificate in order to

> I can get the sample-ssl.jks to work with the below connector port 
> information. But when I edit the connector ports to add the new 
> "wcmdev-ssl.jks" and imported Certificate(s) I received from the
> CSR I get the error, " Alias name tomcat does
> not identify a key entry"

What do you get if you run this command:

$ keytool -list -keystore conf/sample-ssl.jks

> Weird because it is an alias. Is it looking for tomcat as the
> actual entry name or alias?

Your certificate needs to have the alias "tomcat".

> It seems like it is not reading the keystore properly. Should I
> just create a new CSR from the sample-ssl.jks keystore?

That shouldn't be necessary. You may have to re-import your
certificate, though.

- -chris
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools -
Comment: Using GnuPG with Mozilla -


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message