You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Patrick Lacson <pl...@gmail.com> on 2006/02/04 00:17:36 UTC
Definitive Guide for setting up SSL for Tomcat
hi all,
I've been trying to set up SSL using the Verisign free trial certificate
without success. The self-cert using instructions per the tomcat5.5-ssl-how.
was easy and straightforward, but the instructions for how to use a verisign
certificate did not work. I have followed those instructions using the
Verisign Chain imported first and then importing the Verisign Cert second.
Here's the steps:
1) D:\emod>keytool -keystore emod-keystore -genkey -alias tomcat -keyalg RSA
.. (asks me questions about the cert) ...
.. (leave tomcat password blank by pressing enter) ...
Next I generate the cert request for Verisign using the command:
2) D:\emod>keytool -certreq -keyalg RSA -alias tomcat -file
certreq.csr-keystore emod-keystore
Enter keystore password: changeit
I submit that CSR to Verisign in the Free Trial offer wizard.
While waitiing for the submitted cert to return, I import the Chain
Authority:
http://www.verisign.com/support/install2/intermediate.html
3) D:\emod>keytool -import -alias root -keystore emod-keystore -trustcacerts
-file chain-cert.txt
Enter keystore password: changeit
Certificate was added to keystore
I check my email and copy the cert from the email to a separate file and
import the cert
4) D:\emod>keytool -import -alias tomcat -keystore emod-keystore
-trustcacerts -file trial-cert.cer
Enter keystore password: changeit
keytool error: java.lang.Exception: Failed to establish chain from reply
This is where I need your help. I followed the Tomcat instructions (
http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html) to the letter and
have been unsuccessful.
Thanks in advance
Patrick