tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: Problem bringing up SSL with a CA certificate
Date Tue, 24 Jan 2012 14:55:45 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

James,

On 1/23/12 6:19 PM, James Lampert wrote:
> Christopher Schultz wrote:
>> Did you also put your server's key into the keystore?
> 
> It seems that when the customer rep jumped the gun and submitted a
> CSR to Thawte before we even had Tomcat running on a self-signed 
> certificate, he did so using IBM DCM, whose keystores are
> incompatible with Keytool, and presumably also with Tomcat.
> 
> Fortunately, there's still a few days left to get a revocation and 
> refund, and start from scratch the right way.

For the same domain name, the CA might just allow you to submit a new
CSR and not have to go through the whole transaction again.

> Don't you just love it when end-users jump the gun, and pay good
> money to a third party for things before you have the specs to give
> them?

I dunno about "good" money... CAs are a total racket.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk8exnEACgkQ9CaO5/Lv0PBVKgCdGIWISTnr8Z+QRmb5rVMWUEWH
x/cAoIcObOKAWD/UXilXNAOrzoBRlt2h
=L+bm
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message