tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew Erskine <a.ersk...@darasoft.com>
Subject RE: Cannot rid of expired Certificate ...
Date Mon, 23 Jan 2012 10:14:12 GMT

-----Original Message-----
From: Brooke Hedrick [mailto:brooke.t.hedrick@gmail.com] 
Sent: 20 January 2012 12:50
To: Tomcat Users List
Subject: RE: Cannot rid of expired Certificate ...

On Jan 20, 2012 6:47 AM, "Brooke Hedrick" <brooke.t.hedrick@gmail.com>
wrote:
>
> H
>
> On Jan 20, 2012 4:23 AM, "Andrew Erskine" <a.erskine@darasoft.com> wrote:
> >
> > Top post ?
> >
> > Win2003svr
> >
> > Yes correct store .. the only one I've been using .. did try and 
> > clear
the cache on firefox will try ie
> >
> > Thanks.
> > -----Original Message-----
> > From: Pid [mailto:pid@pidster.com]
> > Sent: 20 January 2012 09:51
> > To: Tomcat Users List
> > Subject: Re: Cannot rid of expired Certificate ...
> >
> > On 20/01/2012 02:28, Brooke Hedrick wrote:
> > > Are you sure you updated the correct keystore?  Which o/s are you
running?
> >
> > (Please don't top post.)
> >
> > It's worth noting that some browsers appear to cache certs and
sometimes changes are not immediately apparent.
> >
> >
> > p
> >
> > > On Jan 19, 2012 2:54 PM, "Darryl Lewis" <darryl.lewis@unsw.edu.au>
wrote:
> > >
> > >> Did you restart tomcat?
> > >>
> > >> On 20/01/12 5:00 AM, "Andrew Erskine" <a.erskine@darasoft.com> wrote:
> > >>
> > >>> I have a self certificate that expired today.
> > >>>
> > >>>
> > >>>
> > >>> I removed the certificate from the keystore which the server.xml 
> > >>> is pointin= g at and generated a new one with the same alias and 
> > >>> I can see that cert in=  the keystore.
> > >>>
> > >>>
> > >>>
> > >>> I've been through all my certificate locations on firefox and 
> > >>> removed any i= nstance
> > >>>
> > >>>
> > >>>
> > >>> On restarting tomcat and starting a new browser the website is 
> > >>> still saying=  I have an expired certificate - so where is this 
> > >>> being picked up
> > >> >from ? an= d is there a step I'm missing ?
> > >>>
> > >>>
> > >>>
> > >>>
> > >>>
> > >>> Thanks.
> > >>>
> > >>
> > >>
> > >> -----------------------------------------------------------------
> > >> ---- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > >> For additional commands, e-mail: users-help@tomcat.apache.org
> > >>
> > >>
> > >
> >
> >
> > --
> >
> > [key:62590808]
> >
> >
> > --------------------------------------------------------------------
> > - To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
>
> Where is your keystore located?  When running on with Tomcat poviding 
> the
cert, as I recall, there were 2 options of keystore placement.  If you are using APR you can
specify the location.  If not, it assumes it has to look under your 'profile' home.  So, c:/documents
ands settings/... or c:/users/...  Are you using APR?

Another question...  To rule out the browser, have you tried using openssl to retrieve tthe
certificate?

The only placement of my keystore is ..

keystoreFile="<SPECROOT>/custom/keystore/cacerts"
keystorePass="changeit">

and that is where I have deleted the entry for my server and re-created a new one.

Not sure what APR is ?

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message