tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Mikusa <dmik...@gopivotal.com>
Subject Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does
Date Fri, 04 Apr 2014 20:44:21 GMT
On Apr 4, 2014, at 4:34 PM, Mark Murphy <jmarkmurphy@gmail.com> wrote:

> 1.5.0_15

Any chance you could try a more recent JVM?  Java 6 or preferably Java 7.  That’s really
old.

Dan

> 
> On Fri, Apr 4, 2014 at 3:23 PM, Daniel Mikusa <dmikusa@gopivotal.com> wrote:
>> On Apr 4, 2014, at 2:52 PM, Mark Murphy <jmarkmurphy@gmail.com> wrote:
>> 
>>> Created my keystore according to the directions here:
>>> http://support.godaddy.com/help/article/5239/generating-a-csr-and-installing-an-ssl-certificate-in-tomcat-4x5x6x7x
>> 
>> Ok.  Good start.
>> 
>>> This is what I see in Chrome:
>>> 
>>> SSL Connection Error
>>> 
>>> Unable to make a secure connection to the server. This may be a
>>> problem with the server, or it may be requiring a client
>>> authentication certificate that you don't have.
>>> Error code: ERR_SSL_PROTOCOL_ERROR
>>> 
>>> Here is a non-SSL URL: http://www.myerstorquetracker.com
>>> With SSL: https://www.myerstorquetracker.com
>> 
>> Interesting.  What JVM (java -version) are you using?
>> 
>> Dan
>> 
>>> 
>>>> 
>>>> 
>>>>> I am trying to set up SSL on tomcat with a CA certificate from goDaddy.
>>>>> 
>>>>> I am unable to load the Web Page using HTTPS.
>>>> 
>>>> What exactly happens when you try to access it?  Please include browser behavior
and any errors / messages it gives you about the connection.
>>>> 
>>>>> 
>>>>> When I try to use a self signed certificate, everything works as expected,
>>>>> but when I change the keystore to point to the one with the CA certificate
>>>>> in it, I get nothing.
>>>> 
>>>> What steps / instructions did you follow to generate your keystore file?
>>>> 
>>>> Dan
>>>> 
>>>>> There is nothing in the log that isn't there for the
>>>>> Self-Signed startup either.
>>>>> 
>>>>> Here is the Connector declaration:
>>>>> 
>>>>> <Connector protocol="org.apache.coyote.http11.Http11NioProtocol" port="443"
>>>>> scheme="https" secure="true" SSLEnabled="true"
>>>>> keystoreFile="mykeystore.keystore" keystorePass="xxxxxxxx" keyAlias="tcat"
>>>>> clientAuth="false" sslProtocol="TLS" />
>>>>> 
>>>>> The keystore contains "tcat" as one of the three keys. The other two
>>>>> entries are "root" and "intermed" from goDaddy.
>>>>> 
>>>>> Where can I look to find the issue?
>>>> 
>>>> 
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>> 
>>> 
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>> 
>> 
>> 
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message