Return-Path: X-Original-To: apmail-tomcat-users-archive@www.apache.org Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 61C59F0F0 for ; Fri, 26 Apr 2013 01:57:56 +0000 (UTC) Received: (qmail 10347 invoked by uid 500); 26 Apr 2013 01:57:52 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 10287 invoked by uid 500); 26 Apr 2013 01:57:52 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 10272 invoked by uid 99); 26 Apr 2013 01:57:52 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 26 Apr 2013 01:57:52 +0000 X-ASF-Spam-Status: No, hits=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE X-Spam-Check-By: apache.org Received-SPF: error (nike.apache.org: local policy) Received: from [76.96.59.228] (HELO qmta15.westchester.pa.mail.comcast.net) (76.96.59.228) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 26 Apr 2013 01:57:46 +0000 Received: from omta15.westchester.pa.mail.comcast.net ([76.96.62.87]) by qmta15.westchester.pa.mail.comcast.net with comcast id UQ0q1l00B1swQuc5FRx5Ns; Fri, 26 Apr 2013 01:57:05 +0000 Received: from Christophers-MacBook-Pro.local ([69.143.109.145]) by omta15.westchester.pa.mail.comcast.net with comcast id URx21l00s38FjT13bRx3ed; Fri, 26 Apr 2013 01:57:05 +0000 Message-ID: <5179DEED.80002@christopherschultz.net> Date: Thu, 25 Apr 2013 21:57:01 -0400 From: Christopher Schultz User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130328 Thunderbird/17.0.5 MIME-Version: 1.0 To: Tomcat Users List Subject: Re: SSL configuration on Tomcat7. References: <5179645C.8030004@christopherschultz.net> <51799647.3010308@gmail.com> In-Reply-To: <51799647.3010308@gmail.com> X-Enigmail-Version: 1.5.1 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.net; s=q20121106; t=1366941425; bh=51CTUYxAZhCQ5KX/tODpW7cMW2HH7qnEDvrUaqojXms=; h=Received:Received:Message-ID:Date:From:MIME-Version:To:Subject: Content-Type; b=QBkQ/yViBr3kktfRsB1+16JR5B9eudc91wlU6GHSQvB3EYUreDXalkjOTpKWDuitG ndiGCKHxg82WQt5wiy9Zlyqco5piE5uaDbQ9y3X/+EhIAW6OCQIyk5AGRI6r/GRSmO zeJul4cOITEpdoXKkPBdnnWYM4rQyQ8OuCEkrhuT1j7t3/qGYx8vVOK5nwKm1F+EGA kElKSGljXg0qX/mLxHzWaF3p/HwzxJEUI1WW1gyTzaDidhOdaTA7i8px3Gf15SFKUl UKag9efn9DFKCTGFMoSzhDvgzhj3P5W1Fw75FQZm56Zzy2p4fiTrBzIKsS5Fxup2+3 96ybOhLLMzdww== X-Virus-Checked: Checked by ClamAV on apache.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Ognjen, On 4/25/13 4:47 PM, Ognjen Blagojevic wrote: > Shahid, Chris, > > On 25.4.2013 19:14, Christopher Schultz wrote: >> On 4/25/13 11:10 AM, Shahid Tamboli wrote: >>> Hello Everyone, I am Shahid Tamboli and working at Mobimedia >>> Technologies, Pune, India. We are stuck up with configuring >>> our server with SSL. We have taken an Ubuntu instance on >>> Amazon. We have installed Tomcat on the server. The Tomcat >>> version is Tomcat 7 We are facing issues of configuring SSL >>> certificates on my Tomcat server We have followed the following >>> steps of deploying the certificate. >>> http://www.networksolutions.com/support/installation-for-java-based-webservers-e-g-tomcat-using-keytool/ >>> >>> >>> >>> On following the above steps we are getting error of certificate >>> not trusted and on contacting the Certificate Provider they >>> told us to check our installation again. Thus if anyone can >>> help us on this issue >> >> Please tell us exactly what steps you took. I know you were >> following an online "howto", but please start over again (e.g. >> delete your keystore), and tell us how you went from a clean >> installation of Tomcat to where you are today. You are likely >> missing a step (or 2). > > No, no, no... do not delete keystore. That may be the only place > where your private key is. Erp... sorry! You are absolutely right. I keep forgetting how astoundingly stupi... er, efficient! ... Java keystores are. > If you delete your private key, you will have to generate new > private key, and purchase new certificate. This is true. I hope the OP reads this before blowing that file away. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJRed7tAAoJEBzwKT+lPKRYJwIP/RFIaEw65anffhuE9KRcQ75K AY89quXsNKfu5L3lFRyjHM9VfZx4S6qD86ntmF94r0gM22Ka0LS0Lih8E6/lVe0j fDEbU3pm0dgb/3gYrxJ7dDVoFOR2oqS1l5aNScKCwtPlad6bs3quJvLSjqVRermk SyQ9iypv63/08QfMflkwUgzzkvWFrZ39Qd6fSi0vAkl/M1S8CbgLBGZnTMH6NZxh +Xj3/2B8sTvzLrS/Nc0ez4vBbFQ8wmeQyGM6t5x7GIh128UEAK0AuIOHLNjd960i yQOdFDDpIv29eoJlMvjvEsVVZk4h2fUK9LB0XnG2w+Eqr77AyEatMbE5F7BHpzFr i3JThXgV7/ufhH0jIGWvGK4dwBD/zjz/e22E8/464j2dHLt38L6BuEXNMGMUcnK7 RCcmkWLtBgG6aTyjEDED7EpkYGpJJh1GmFM1BmefkSLDTJ0HWSPy1n14d7z4tv3L KgxPcEQjG8lXw9US+GHJRO2yqUfSomh5fBxQyl/+kUJ8bJF+Fk+MGxYURevgR3PE 5LhCraNNT2HZzd7c3Y62F1tgpyXr18VzELYmFouYOQrYtpSEJzQnxXr3I5TkjcMo +u4vcVjq3HZFFYJP7cKSXwXStm2GZWE2l2cTz5rd3tAmPiORNARM4sor0/4E3MKu SCgPv5ofcL+7sGbzoSrr =qx5U -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org