You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Dave Salmon <ds...@Equilibrium.com> on 2005/04/05 05:20:07 UTC
help with ssl certificate installation
Tomcat users,
I have received three .crt files from a certificate authority. From
reading
several sources it seemed like the proper thing to do was
keytool -import -file GTECyberTrustGlobalRoot.crt -alias root
-trustcacerts
-keystore mykey.jks
keytool -import -file ComodoSecurityServicesCA.crt -alias comodo
-trustcacerts -keystore mykey.jks -storepass
keytool -import -file freerangeinc_virtual_vps-host_net.crt
-alias tomcat -trustcacerts -keystore mykey.jks
This created the file mykey.jks which when viewed with
keytool -list -file mykey.jks
seems like it has everything in it.
However when I point my server.xml file at mykey.jks I get an error
(below)
Could someone please tell me what I am missing here?
Thanks.
2005-04-04 21:39:52,741 ERROR
[org.apache.tomcat.util.net.PoolTcpEndpoint]
Endpoint [SSL: ServerSocket[addr=0.0.0.0/0.0.0.0,port=0,localport=8443]]
ignored exception: java.net.SocketException: SSL handshake
errorjavax.net.ssl.SSLException: No available certificate or key
corresponds
to the SSL cipher suites which are enabled.
java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException:
No available certificate or key corresponds to the SSL cipher suites
which are enabled.
at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.acceptSocket(JSSESocke
tFactory.java:113)
at
org.apache.tomcat.util.net.PoolTcpEndpoint.acceptSocket(PoolTcpEndpoint.
java:368)
at
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:54
9)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool
.java:683)
at java.lang.Thread.run(Thread.java:595)
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org