Setting up Tomcat for SSL

[Peter Glynn <gl...@tcd.ie>]

Hi All,
I am new to the java security etc, as you might have guessed.
I have been trying to set up my apsche tomcat for ssl by using the Tomcat and SSL documentation that is in the tomcat user guide.
1.  The first thing it asks me to do is add the JSSE jars to the classpath - no problem
2.  Check SSL activated in server.xml  - no problem giving the value of the keystore <Parameter name="keystore" value="/var/tomcat/conf/keystore" /> 
3. create a SSL certificate for tomcat.
  a.. Add JSSE jars to CLASSPATH 
  b.. Edit $JAVA_HOME/jre/lib/security/java.security Add: security.provider.2=com.sun.net.ssl.internal.ssl.Provider 
  c.. Do: keytool -genkey -alias tomcat -keyalg RSA RSA is essential to work with Netscape and IIS. Use "changeit" as password. ( or add keypass attribute ) You don't need to sign the certificate. You can set parameter keystore and keypass if you want to change the default ( user.home/.keystore with changeit )

When I run keytool -genkey -alias tomcat -keyalg RSA and then enter in the password "changeit"
I get this error.
keytool error: java.io.IOException: Keystore was tampered with, or password was
incorrect

Does anybody know what I am doing wrong or am I doing it the right way? Please help I'd love to get SOAP SSL working.
Thanks Peter.