You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Wolfgang Mutter <mu...@comu.de> on 2001/05/15 16:45:18 UTC

Re[2]: Tomcat and SSL

Hi,

we had the same problem, so wie wrote an Java program to handle this !

http://www.comu.de/docs/tomcat_ssl.htm

Yours
Wolfgang

> Hi All,
> I need to setup Tomcat standlone with SSL support, I do it according to
> Tomcat's user-guide in the following step using tomcat account:
> I modified the java.security before did these

>>keytool -genkey -alias tomcat -keyalg RSA
>>openssl req -new -out REQ.pem -keyout KEY.pem
>>openssl req -x509 -in REQ.pem -key KEY.pem -out CERT.pem
> then verify
>>openssl req -verify -in REQ.pem
>>openssl req -verify -in REQ.pem -key KEY.pem
>>openssl req -text -in REQ.pem
> everything looks well, but
> when I do:
>>keytool -import -v -trustcacerts -alias tomcat -file CERT.pem
> get the error messages,
> Enter keystore password:  changeit
> keytool error: java.lang.Exception: Public keys in reply and keystore don't
> match

> So tried to delete all files in /home/tomcat: .keystore and *.pem
> So I want to repeat the above steps
>>  keytool -genkey -alias tomcat -keyalg RSA get the error messages
> Enter keystore password:  changeit
> keytool error: java.lang.Exception: Key pair not generated, alias <tomcat>
> already exists

> I never use SSL before and very confused now, are there some documentation
> to do this step by step? any help are highly appreciated!

> Kevin







mfg
Wolfgang Mutter
Computer Mutter GmbH

Re[2]: Tomcat and SSL

Posted by Tim O'Neil <ti...@xythos.com>.

Wolfgang;

Just found out; you can convert a Thawte cert with IE 5.
Import the text formatted cert and export it in DER format.
Seems to work ok.

At 04:45 PM 5/15/2001 +0200, you wrote:
>Hi,
>
>we had the same problem, so wie wrote an Java program to handle this !
>
>http://www.comu.de/docs/tomcat_ssl.htm
>
>Yours
>Wolfgang
>
> > Hi All,
> > I need to setup Tomcat standlone with SSL support, I do it according to
> > Tomcat's user-guide in the following step using tomcat account:
> > I modified the java.security before did these
>
> >>keytool -genkey -alias tomcat -keyalg RSA
> >>openssl req -new -out REQ.pem -keyout KEY.pem
> >>openssl req -x509 -in REQ.pem -key KEY.pem -out CERT.pem
> > then verify
> >>openssl req -verify -in REQ.pem
> >>openssl req -verify -in REQ.pem -key KEY.pem
> >>openssl req -text -in REQ.pem
> > everything looks well, but
> > when I do:
> >>keytool -import -v -trustcacerts -alias tomcat -file CERT.pem
> > get the error messages,
> > Enter keystore password:  changeit
> > keytool error: java.lang.Exception: Public keys in reply and keystore don't
> > match
>
> > So tried to delete all files in /home/tomcat: .keystore and *.pem
> > So I want to repeat the above steps
> >>  keytool -genkey -alias tomcat -keyalg RSA get the error messages
> > Enter keystore password:  changeit
> > keytool error: java.lang.Exception: Key pair not generated, alias <tomcat>
> > already exists
>
> > I never use SSL before and very confused now, are there some documentation
> > to do this step by step? any help are highly appreciated!
>
> > Kevin
>
>
>
>
>
>
>
>mfg
>Wolfgang Mutter
>Computer Mutter GmbH