Return-Path: X-Original-To: apmail-tomcat-users-archive@www.apache.org Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 3255817D72 for ; Wed, 5 Nov 2014 21:46:08 +0000 (UTC) Received: (qmail 41199 invoked by uid 500); 5 Nov 2014 21:46:04 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 41126 invoked by uid 500); 5 Nov 2014 21:46:04 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 41114 invoked by uid 99); 5 Nov 2014 21:46:04 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 05 Nov 2014 21:46:04 +0000 X-ASF-Spam-Status: No, hits=1.5 required=5.0 tests=HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of matt.trading@gmail.com designates 209.85.213.172 as permitted sender) Received: from [209.85.213.172] (HELO mail-ig0-f172.google.com) (209.85.213.172) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 05 Nov 2014 21:45:59 +0000 Received: by mail-ig0-f172.google.com with SMTP id a13so9577593igq.11 for ; Wed, 05 Nov 2014 13:44:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=uM1jUOGTlSq0xX3vTIg3JezlAMXXgQb6yYRbBjFn9vA=; b=pG8zEmbUKeyEOVWxxSSBSLE2BW30ras1TVYS/4Ie6pmeAQlY5NkPnSAikP3m2JtUUQ n1MxTOCKA44dkMogcO3Sji4XszJFNZ3H6w/cadulnUUd6Lf10Nqw/Ahe2oX7Q4AsdUuU qO7Y9v6Y4hQt5p+zrSvUbpp2S8n3Y5WTp3Qy7dKsFPfmTkmJTTCRGyJc1ULsjSJTjO4D W9hS5KJVvO88hdt5Wg94jUAS9gbjWaKzxxbvWGQIHIcFg6V7acrY5QgLCHUQx/8F3NQ/ 7TNWGkIQ1Mmglu75GkG+OuqCIm2dpmcDiMRyj79P7dByYgRmR5S5zgn7lLR21uQCHnup CsTA== MIME-Version: 1.0 X-Received: by 10.42.194.16 with SMTP id dw16mr7378938icb.28.1415223893582; Wed, 05 Nov 2014 13:44:53 -0800 (PST) Received: by 10.107.9.13 with HTTP; Wed, 5 Nov 2014 13:44:53 -0800 (PST) Date: Wed, 5 Nov 2014 15:44:53 -0600 Message-ID: Subject: SSL Root Cert install From: Matthew Smith To: users@tomcat.apache.org Content-Type: multipart/alternative; boundary=20cf301cc72074809c0507237d34 X-Virus-Checked: Checked by ClamAV on apache.org --20cf301cc72074809c0507237d34 Content-Type: text/plain; charset=UTF-8 I'm running Apache Tomcat 7 on Windows Server 2008 R2 with Java jdk 1.8.0_25. I was able to use the keytool.exe command with the -genkey switch to create a keystore. I then used keytool.exe to create a CSR which I submitted to an issuer and received a certificate. I have to use keytool.exe to import the Root and Chain certificates first. I can't get the import of the Root certificate to work. I get the error message "keytool error: java.io.FileNotFoundException: C:\Users\Administrator\root.cer (The system cannot find the file specified)" Searches I do for this error seem to only net me results when people run keytool.exe and it can't find their .keystore. Keytool.exe finds my keystore just fine, it can't find the actual root.cer file though. I've tried putting that cert file in the C:\Users\Administrator folder with the .keystore file, I've put it in the Java jdk folders, I've put it in the tomcat7 folder, and keytool.exe still can't find it. I've download the Microsoft Process Monitor util and setup a filter to watch for any commands/errors related to my root.cer file, and the keytool.exe process can access the root.cer file, even though the import fails. I've modified the -file command to use the current directory, I've passed it the full path to the root.cer file in multiple locations, nothing is working, and I've run out of ideas for things to try. Has anyone else seen this problem before? --20cf301cc72074809c0507237d34--