Return-Path: X-Original-To: apmail-tomcat-users-archive@www.apache.org Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id CF7B910382 for ; Wed, 30 Oct 2013 14:54:13 +0000 (UTC) Received: (qmail 93347 invoked by uid 500); 30 Oct 2013 14:52:56 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 93228 invoked by uid 500); 30 Oct 2013 14:52:49 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 93124 invoked by uid 99); 30 Oct 2013 14:52:46 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 30 Oct 2013 14:52:46 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: local policy includes SPF record at spf.trusted-forwarder.org) Received: from [75.180.132.120] (HELO cdptpa-omtalb.mail.rr.com) (75.180.132.120) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 30 Oct 2013 14:52:40 +0000 X-Authority-Analysis: v=2.0 cv=LKjkseq9 c=1 sm=0 a=CMIagxsx9fMjTR9dGS23VA==:17 a=4jdjCIWhz9QA:10 a=FKkrIqjQGGEA:10 a=gKdNUozYXGYA:10 a=wPDyFdB5xvgA:10 a=IkcTkHD0fZMA:10 a=Fx01H1t8AAAA:8 a=KGjhK52YXX0A:10 a=fpGgZE6NnXYA:10 a=eM1FkN8WAAAA:8 a=4Lkng3UWPxAi6PkKEQIA:9 a=QEXdDO2ut3YA:10 a=CMIagxsx9fMjTR9dGS23VA==:117 X-Cloudmark-Score: 0 X-Authenticated-User: X-Originating-IP: 98.26.39.66 Received: from [98.26.39.66] ([98.26.39.66:4006] helo=mail.electrichendrix.com) by cdptpa-oedge02.mail.rr.com (envelope-from ) (ecelerity 2.2.3.46 r()) with ESMTP id 8D/54-09301-22D11725; Wed, 30 Oct 2013 14:52:19 +0000 Received: from localhost (localhost [127.0.0.1]) by mail.electrichendrix.com (Postfix) with ESMTP id EE59F1182F0 for ; Wed, 30 Oct 2013 10:42:31 -0400 (EDT) X-Virus-Scanned: amavisd-new at mail.electrichendrix.com Received: from mail.electrichendrix.com ([127.0.0.1]) by localhost (mail.electrichendrix.com [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id rS-tkzxxHZpr for ; Wed, 30 Oct 2013 10:42:31 -0400 (EDT) Received: from mail.electrichendrix.com (mail.electrichendrix.com [192.168.124.3]) by mail.electrichendrix.com (Postfix) with ESMTP id 49D621182B0 for ; Wed, 30 Oct 2013 10:42:31 -0400 (EDT) Date: Wed, 30 Oct 2013 10:42:31 -0400 (EDT) From: Chris Arnold To: Tomcat Users List Message-ID: <1714804254.72101.1383144151159.JavaMail.root@electrichendrix.com> In-Reply-To: <526CDFCF.4020702@gmail.com> References: <843270989.22099.1382823557406.JavaMail.root@electrichendrix.com> <526C467E.1020001@gmail.com> <881752998.23178.1382834823926.JavaMail.root@electrichendrix.com> <526CDFCF.4020702@gmail.com> Subject: Re: Secure Tomcat With SSL MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Mailer: Zimbra 8.0.0_GA_5434 (ZimbraWebClient - FF10 (Linux)/8.0.0_GA_5434) Thread-Topic: Secure Tomcat With SSL Thread-Index: FoXiXmGKstOT7XdRRQPWWRfDhvWiHA== X-Virus-Checked: Checked by ClamAV on apache.org >Chris, Thank you for taking the time to help me in securing tomcat. I called godaddy and they instructed me to download the tomcat cert, which i did, and follow their provided instructions: http://support.godaddy.com/help/article/5239/generating-a-csr-and-installing-an-ssl-certificate-in-tomcat-4x5x6x?locale=en I skipped generating a keystore and csr in tomcat and went directly to install ssl in tomcat (generating a csr and keystore = tomcat already has a keystore, no? I already have generated the csr with godaddy (thats how i got the cert, no?) So in installing ssl in tomcat, i run the 1st command: keytool -import -alias root -keystore tomcat.keystore -trustcacerts -file /root/2b05f72c7ddd37/gd_bundle.crt (this is the root cert according to rep with godaddy) and get this: Enter keystore password: keytool error: java.lang.Exception: Certificate not imported, alias already exists Then: ./keytool -import -alias intermed -keystore tomcat.keystore -trustcacerts -file /root/2b05f72c7ddd37/gd_intermediate.crt and get this: Enter keystore password: Certificate already exists in keystore under alias Do you still want to add it? [no]: y Certificate was added to keystore Then: ./keytool -import -alias tomcat -keystore tomcat.keystore -trustcacerts -file /root/2b05f72c7ddd37//2b05f72c7ddd37.crt and get this: Enter keystore password: keytool error: java.lang.Exception: Certificate not imported, alias already exists Not sure where to go from here! Can anyone help? I just want to do something basic and that issecure tomcat with a godaddy SSL cert. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org