Return-Path: X-Original-To: apmail-tomcat-users-archive@www.apache.org Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id CC9269B6A for ; Mon, 9 Jan 2012 19:37:10 +0000 (UTC) Received: (qmail 14495 invoked by uid 500); 9 Jan 2012 19:37:03 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 13952 invoked by uid 500); 9 Jan 2012 19:37:03 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 13884 invoked by uid 99); 9 Jan 2012 19:37:03 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 09 Jan 2012 19:37:03 +0000 X-ASF-Spam-Status: No, hits=-0.7 required=5.0 tests=RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of pid@pidster.com designates 209.85.212.173 as permitted sender) Received: from [209.85.212.173] (HELO mail-wi0-f173.google.com) (209.85.212.173) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 09 Jan 2012 19:36:57 +0000 Received: by wibhm2 with SMTP id hm2so3958147wib.18 for ; Mon, 09 Jan 2012 11:36:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pidster.com; s=google; h=message-id:date:from:organization:user-agent:mime-version:to :subject:references:in-reply-to:x-enigmail-version:openpgp :content-type; bh=FgHUmZx43zIi0M3XMYMuctgY6VCoqnjz3eu2TMt4ZVk=; b=SfxYU1wJjO08HZU12ysNL5AX/yh2rhpHFkeOOeTFYy+g7JhLTTKa2dxJTHbTLyu+hK EcGZF9c9cArrsXa7hEL93+weQ+jxExzII9upIctLxHfosAdO6r3eJMVAjCb3b5DlExa/ 0PkAt305pyJ3hcYm8lXLvAdA9ssJ9tl3h1K/g= Received: by 10.181.11.163 with SMTP id ej3mr7033487wid.4.1326137795934; Mon, 09 Jan 2012 11:36:35 -0800 (PST) Received: from Asura.local (cpc10-lewi14-2-0-cust355.2-4.cable.virginmedia.com. [82.4.249.100]) by mx.google.com with ESMTPS id 28sm80429445wby.3.2012.01.09.11.36.34 (version=SSLv3 cipher=OTHER); Mon, 09 Jan 2012 11:36:34 -0800 (PST) Message-ID: <4F0B41BA.2010103@pidster.com> Date: Mon, 09 Jan 2012 19:36:26 +0000 From: Pid Organization: Pidster Inc User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:8.0) Gecko/20111105 Thunderbird/8.0 MIME-Version: 1.0 To: Tomcat Users List Subject: Re: SSL Certificate Update Not Reflected on the Website References: <003901ccceb8$21a186c0$64e49440$@xtra.co.nz> <-4021679879387379885@unknownmsgid> <004101cccebb$a0704420$e150cc60$@xtra.co.nz> In-Reply-To: <004101cccebb$a0704420$e150cc60$@xtra.co.nz> X-Enigmail-Version: 1.3.4 OpenPGP: id=62590808 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enig28C9A5101993994906871F07" --------------enig28C9A5101993994906871F07 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 09/01/2012 10:44, Conway Liu wrote: > Hi Pid, >=20 > I tried different browsers, and tried different computers. >=20 > What command line tool are you talking about? Something like: curl or openssl p > Thanks > Conway >=20 > -----Original Message----- > From: Pid * [mailto:pid@pidster.com]=20 > Sent: Monday, 9 January 2012 11:37 p.m. > To: Tomcat Users List > Subject: Re: SSL Certificate Update Not Reflected on the Website >=20 > On 9 Jan 2012, at 10:20, Conway Liu wrote: >=20 >> Hi, >> >> We used to use Thawte for our SSL certificate. Today I installed new=20 >> SSL certificate issued by VeriSign and there were no errors. The=20 >> primary and secondary intermediate CAs both imported into the keystore= =20 >> file properly, and then the SSL issued by VeriSign imported as well. I= =20 >> updated the server.xml to indicate the new keystore file with the keys= tore password. >> Started Tomcat, checked the log files and there were no errors. But=20 >> when I browse to the website, it is still saying the SSL has expired=20 >> and it's showing the one issued by Thawte. >> >> I tried to put an incorrect keystore password in server.xml and Tomcat= =20 >> did generate errors in the log file, which means Tomcat is looking at = >> the correct keystore file. >> >> We have also tried to reboot the server in case the old SSL was cached= =20 >> somewhere but that didn't help. >> >> Does anyone have any suggestion where might be wrong? >=20 > Which browser are you using? Some cache Certs and don't reflect the cha= nge immediately. >=20 > Have you tried with a command line tool? >=20 >=20 > p >=20 >=20 >> >> >> >> Thank you very much >> >> Conway >> >=20 > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org > For additional commands, e-mail: users-help@tomcat.apache.org >=20 >=20 > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org > For additional commands, e-mail: users-help@tomcat.apache.org >=20 --=20 [key:62590808] --------------enig28C9A5101993994906871F07 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBCgAGBQJPC0HAAAoJEGoM2OGpOvr9J64P/0XFsFLHDipMuEX5onO2kELd OFF4gbPyF7ukkFig80WAe+IdttMdLLeI+klW9lYdl2Vr7Oee89mgEuPIEE+hds0Q dRbppiwxy65rx09L3K1ZMfHlE6TfNbyfn0H3vroAysJ/OdL0i8vgjl+9UASrN1zw RTB1D1lrYjVpu23Oz8ivXDeDoH5qepFX3ySD0gpLrVLVhHOY8umEeOIByXUJYwBs bogBehTMI320OxD+Zd+hmdkJFuQh8yuAhGo/NzcGDUtpFb6WgaZ5AlSkaHjShFaI r/01cRmFXEMEYmmeb7z/gYhYn7YmRq8oYxbENUlpsiI+P4vHbvo8DZGunhDovgWt 8+MNffrQ4Lc2v4FLulTIHnzJb/BGhvzjUsBkBMe7Fl7l2P6WqmPd8RzV2Pnbe94u P+GctKw87ybLiBLYF0gh+IEor0K22BAyUT8yGh9anW1+efnjd8Mba3TyqWF5ANr5 caAm9gXWqWzJlERhqUrQbrxAUfFyj7tFL+xEQ5+KCEhi/Dx3UrGkxtkTsL5No3Bm gFx0VYvsVSnN6GvCOMZVZinuaAxyhOanlmn2Tqkc6Ye2FTJtSoIDOOS2iqi45AB6 mv/JrQQ2cjbrTdwFBDJ8GEc1BBizDZCLhTjy7w+hp7xyxgfyyzOkRVfiE0IOBk72 Q5C2OJvZGhNXj9LkPbKl =kU21 -----END PGP SIGNATURE----- --------------enig28C9A5101993994906871F07--