tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Miguel González Castaños <miguel_3_gonza...@yahoo.es>
Subject Re: Javamelody and Struts
Date Wed, 25 Apr 2012 22:24:54 GMT
> Do those certificates match the type of certificate that you have?
> Last time I checked, VeriSign had a whole set of intermediate
> certificates and you need the ones that match the type of certificate
> you have (EV versus whatever the other flavors they have are).
Which other flavors? How do I know?
>
>> keytool -import -trustcacerts -alias EV_root -keystore
>> /opt/tomcat5/certs/tcc -file veriCA1.cer
> Is /opt/tomcat5/certs/tcc the file you have configured in Tomcat?
It's the keystore and yes, configured in tomcat
>
> Please post your SSL<Connector>  configuration (cleansed of any
> passwords).
>
> Finally, you didn't post your original stack trace. Since this is
> happening on the server-side, it's either a problem during startup or
> during client-certificate verification. Since you mentioned the "site
> certificate", I assume you are having problems with your server's SSL
> certificate and not a client certificate being presented by a remote
> client, right?
I'm not sure what you mean with the server and client certificates. No 
web browser reports the server certificate as no valid.
>
> Can you show me what this command returns:
>
> $ keytool -list -keystore /opt/tomcat5/certs/tcc -v
>


Your keystore contains 3 entries

Alias name: evintermediate
Creation date: Apr 24, 2012
Entry type: trustedCertEntry

Owner: CN=VeriSign Class 3 Secure Server CA - G3, OU=Terms of use at 
https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, 
O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5, 
OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign 
Trust Network, O="VeriSign, Inc.", C=US
Serial number: 6ecc7aa5a7032009b8cebcf4e952d491
Valid from: Mon Feb 08 01:00:00 CET 2010 until: Sat Feb 08 00:59:59 CET 2020
Certificate fingerprints:
          MD5:  3C:48:42:0D:FF:58:1A:38:86:BC:FD:41:D4:8A:41:DE
          SHA1: 5D:EB:8F:33:9E:26:4C:19:F6:68:6F:5F:8F:32:B5:4A:4C:46:B4:76


*******************************************
*******************************************


Alias name: ev_root
Creation date: Apr 24, 2012
Entry type: trustedCertEntry

Owner: CN=VeriSign Class 3 Public Primary Certification Authority - G5, 
OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign 
Trust Network, O="VeriSign, Inc.", C=US
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, 
Inc.", C=US
Serial number: 250ce8e030612e9f2b89f7054d7cf8fd
Valid from: Wed Nov 08 01:00:00 CET 2006 until: Mon Nov 08 00:59:59 CET 2021
Certificate fingerprints:
          MD5:  F9:1F:FE:E6:A3:6B:99:88:41:D4:67:DD:E5:F8:97:7A
          SHA1: 32:F3:08:82:62:2B:87:CF:88:56:C6:3D:B8:73:DF:08:53:B4:DD:27


*******************************************
*******************************************


Alias name:
Creation date: Feb 24, 2012
Entry type: keyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=www.mycompany.com, OU=Terms of use at www.verisign.com/rpa 
(c)05, OU=Comercial, O="My OU  S.L.", L=My city, ST=Madrid, C=ES
Issuer: CN=VeriSign Class 3 Secure Server CA - G3, OU=Terms of use at 
https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, 
O="VeriSign, Inc.", C=US
Serial number: 7afc00006539f4e816f7fe6b65f47af0
Valid from: Sat Feb 11 01:00:00 CET 2012 until: Fri Apr 12 01:59:59 CEST 
2013
Certificate fingerprints:



*******************************************
*******************************************

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message