tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From James Lampert <jam...@touchtonecorp.com>
Subject About certificates in Tomcat SSL support
Date Thu, 12 Jan 2012 17:14:28 GMT
Scenario:

I created a self-signed certificate for the box I was testing:
CN = James Lampert
OU = Development Lab
O = Touchtone Corporation
L = Costa Mesa
ST = California
C = US

I then installed it into the Tomcat server on that box. Connecting to 
the site with Firefox, I was told that the certificate was not trusted, 
and asked whether to trust it. After I said to trust it, Firefox now 
lets me in without further question.

Then, I temporarily installed the certificate on a customer's Tomcat 
server, just to verify that SSL support was working there. When I 
connected to it with Firefox, the initial message questioning the 
validity of the certificate said something about it being for a 
different server (so far as I'm aware, it isn't for *any* particular 
server).

Looking at the two Tomcat servers in Microsloth Imploder, even after 
telling it to trust the certificate, I consistently get a message, "The 
security certificate presented by this website was issued for a 
different website's address."

Looking at the two Tomcat servers in a different version of Firefox, on 
a different WinDoze box, both Tomcat servers give me the message, that 
it is not trusted because it is self-signed, and that it is only valid 
for James Lampert.

What exactly do I need to do, for a certificate to be recognized as the 
correct one for a given server?

Also: we have a CA-signed certificate that we use to sign JARs. Is that 
the same sort of certificate used for Tomcat?

--
JHHL


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message