HELP: Verisign's intermediate certificate problem

[BBQ <bb...@pentacorp.com>]

Hi.  I'm new to Tomcat, taking over for a SysAdmin who departed suddenly
after 8 years.  Our existing Verisign SSL 1-year certificate just
expired.  I obtained a new one from them with the option "use existing
data".  We are using Tomcat without Apache.

The problem is that in our server.xml file our Connector for port 8443
does NOT specify an alias.  (If I try to specify an alias then Tomcat
will not come up.)

Thus, Tomcat expects the first entry in our keystore to be our
certificate.  We also need a second entry, of course, to be Verisign's
blasted intermediate certificate.

Last year the old SysAdmin did this in some way (that he does not
remember) such that our certificate was listed with the alias
"compass[1]" and the Verisign intermediate certificate was listed with
alias "compass[2]".

No matter what I do I cannot duplicate those results.  No matter what I
do I cannot either cause both certificates to have the same alias (with
the [1] and [2]).  Nor can I cause our certificate to be listed before
the intermediate certificate.

Any help desperately solicited.

Thanks,
Bob
bbq@pentacorp.com

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org