Posted to users@tomcat.apache.org by Balakrishna Kudaravalli <bk...@cisco.com> on 2003/04/23 23:57:42 UTC

Help please: Tomcat 4.1.24 enable SSL

Hi All,

Update to my earlier mail:

I am able to access https:// with the default generated certs. However, 
after I had imported the server cert (given by my internal IT folks) into a 
keystore and specified the keystoreFile & keystorePass attributes in 
server.xml, Tomcat starts up but https:// does not work and there is no 
exception logged (http:// works fine though).

Wondering if any one of you had got this problem. Any info would be very 
helpful.

Thank you.
-Bala



Hi All,

Issue: Enabling SSL for Tomcat 4.1.24

1. I have created a cert using keytool -genkey -alias tomcat -keyalg 
RSA and have given a password "changeit" (default)
2. Uncommented SSL Coyote HTTP/1.1 connector in server.xml. Since the 
keystore is at a default loc, I have not given a keystoreFile attribute
3. On starting up Tomcat, HTTPS works fine

Issue:
4. Now, I need to replace the default cert with the certs provided by our 
internal folks. How do I do that? The certs provided to me are in pkcs 12 
format.

5. Should I convert the pkcs12 certs into x509 ?

6. What certs should I import into the keystore (server, client, ca) ?

Your help would be greatly appreciated.

Thank you,
-Bala




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Re: Help please: Tomcat 4.1.24 enable SSL

Posted by Bill Barker <wb...@wilshire.com>.
I'm assuming that you have done the obvious, and set the keystoreType
attribute on the Factory.

I've had problems with JSSE1.1.x (the JDK1.4 version) with reading a pkcs12
keystore that was generated by OpenSSL to include the certificate chain.  I
guess that you have to complain to Sun (or other JDK vendor) about this :).
Using a pkcs12 keystore works fine when it just has the server-cert, and
I've imported the signer into the cacerts.

"Balakrishna Kudaravalli" <bk...@cisco.com> wrote in message
news:4.3.2.7.2.20030423145346.04387a88@wells.cisco.com...
> Hi All,
>
> Update to my earlier mail:
>
> I am able to access https:// with the default generated certs. However,
> after I had imported the server cert (given by my internal IT folks) into a
> keystore and specified the keystoreFile & keystorePass attributes in
> server.xml, Tomcat starts up but https:// does not work and there is no
> exception logged (http:// works fine though).
>
> Wondering if any one of you had got this problem. Any info would be very
> helpful.
>
> Thank you.
> -Bala
>
>
>
> Hi All,
>
> Issue: Enabling SSL for Tomcat 4.1.24
>
> 1. I have created a cert using keytool -genkey -alias tomcat -keyalg
> RSA and have given a password "changeit" (default)
> 2. Uncommented SSL Coyote HTTP/1.1 connector in server.xml. Since the
> keystore is at a default loc, I have not given a keystoreFile attribute
> 3. On starting up Tomcat, HTTPS works fine
>
> Issue:
> 4. Now, I need to replace the default cert with the certs provided by our
> internal folks. How do I do that? The certs provided to me are in pkcs 12
> format.
>
> 5. Should I convert the pkcs12 certs into x509 ?
>
> 6. What certs should I import into the keystore (server, client, ca) ?
>
> Your help would be greatly appreciated.
>
> Thank you,
> -Bala
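
The setting the reply above refers to, shown as an added example that is not part of the original thread: a Tomcat 4.1 SSL connector with keystoreType set on the Factory element. The keystore path, password and the keytool line in the comment are placeholders and assumptions, not values from the posts.

```xml
<!-- Before (assumed form of the failing setup): keystoreFile points at a
     PKCS12 file but keystoreType is missing, so the Factory falls back to
     the default type, JKS, and the file is parsed as the wrong format.

<Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
         clientAuth="false" protocol="TLS"
         keystoreFile="/path/to/server.p12"
         keystorePass="KEYSTORE_PASSWORD" />
-->

<!-- After: same connector, with the keystore type stated explicitly.
     /path/to/server.p12 and KEYSTORE_PASSWORD are placeholders. -->
<Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
           port="8443" minProcessors="5" maxProcessors="75"
           enableLookups="true" acceptCount="100" debug="0"
           scheme="https" secure="true"
           useURIValidationHack="false" disableUploadTimeout="true">
  <Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
           clientAuth="false" protocol="TLS"
           keystoreFile="/path/to/server.p12"
           keystoreType="PKCS12"
           keystorePass="KEYSTORE_PASSWORD" />
</Connector>

<!-- Following the reply: keep only the server certificate and its private
     key in the PKCS12 file, and put the signing CA into the JRE trust store
     instead of bundling the chain. One way to do that import (alias and
     file name are placeholders):

     keytool -import -trustcacerts -alias internal-ca -file ca-cert.pem
             -keystore $JAVA_HOME/jre/lib/security/cacerts
-->
```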



