You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by ch...@netscape.net on 2003/03/14 03:52:31 UTC

A tomcat SSL question

I am aware that this might better fit in the tomcat-user list.  But I have been asking over there for a couple of days, and nobody seems to have an answer to it.  Probably it is too difficult?  I doubt.  Anyway, I hope that I can get some help from here.

I know how to use keytool to generate a self-signed certificate and run Tomcat with SSL.

I want to use a certificate that is generated by my little Java program which is part of my Certification Authority.

So I have my little Java program generate a X509 Certificate called cert4ca.cer.

Then I deleteed the tomcat certificate in my keystore and successfully imported cert4ca.cer into my keystore as alias tomcat.  See the attached file cert4ca.cer. It's a valid one, otherwise, I would not have been
able to import it into my keystore.

Now I launch tomcat, but I can only visit http://localhost, not https://localhost.  If I reverse to the keytool-generated certificate, both http and https work perfect again.

So, would you please give me a hint, how can I use the certificate generated by my little Java program to run tomcat with SSL?

Thanks a lot in advance.

Mark (Choreson)

__________________________________________________________________
Try AOL and get 1045 hours FREE for 45 days!
http://free.aol.com/tryaolfree/index.adp?375380

Get AOL Instant Messenger 5.1 for FREE! Download Now!
http://aim.aol.com/aimnew/Aim/register.adp?promos=380455

RE: A tomcat SSL question

Posted by Keith Wannamaker <Ke...@Wannamaker.org>.

Hi Mark, you can start the vm with -Djavax.net.debug=all to get
under the hood of jsse and see why the handshake is failing.
You may also need to do some conversion as described here:
http://www.comu.de/docs/tomcat_ssl.htm.  

Keith

| -----Original Message-----
| From: choreson@netscape.net [mailto:choreson@netscape.net]
| Sent: Thursday, March 13, 2003 9:53 PM
| To: tomcat-dev@jakarta.apache.org
| Subject: A tomcat SSL question
| 
| 
| So, would you please give me a hint, how can I use the certificate generated by my little Java program to run tomcat with SSL?
| 
| Thanks a lot in advance.
| 
| Mark (Choreson)


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org