tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Murphy <jmarkmur...@gmail.com>
Subject Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does
Date Fri, 04 Apr 2014 21:00:38 GMT
So let me try to understand what is going on here. I generate a keystore
using keytool, that contains a key. At this point it is equal to a self
signed certificate, and it works, but the browser complains that there is
no CA. I then need to create a certificate request ad send that off to
goDaddy. What is this? a public key that matches up with the private key?
Then I have to import the certificates that goDaddy returns to me because
that validates the private key that is already in the keystore?


On Fri, Apr 4, 2014 at 4:46 PM, Mark Thomas <markt@apache.org> wrote:

> On 04/04/2014 21:42, Mark Murphy wrote:
> > I saw something on StackOverflow that said the key type in the keystore
> > needs to be PrivateKeyEntry and not trustedCertEntry. Is this true? When
> I
> > look at my keystore, it is trustedCertEntry for all the certs.
> >
> > But when I look at the type for the self signed certificate (which
> works),
> > it shows keyEntry.
> >
> > Does, or should this matter? and if so, how do I change the type?
>
> Yes, this matters a lot.
>
> You must import the cert you receive from the CA into the same keystore
> you used to generate the CSR since that is where the private key is and
> the server has to have access to the private key.
>
> Mark
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message