You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Ross Rankin <ro...@careerfish.com> on 2004/06/11 16:45:17 UTC
Still using Self-signed Cert... How to stop it...
Ok, I can't figure this out. I'm sure it's simple and I'm just missing it.
I created a tomcat server initially with a self-signed certificate to move
forward with testing while our cert authority was re-gen-ing a certificate
for us.
Now, create a new keystore with the root certificate imported, update the
path in server.xml, however the server is still using the self-signed cert.
What am I missing?
You can go to https://www.careerfish.com <https://www.careerfish.com/> to
see the self-cert.
I am installing on:
Tomcat Version JVM Version JVM Vendor OS
Name OS Version OS Architecture
Apache Tomcat/4.1.30 1.4.2_04-b05 Sun Microsystems Inc. Linux
2.4.20-8smp i386
Here's a listing of the installed certs:
[root@www1 logs]# keytool -list -keystore /etc/careerfish.key
Enter keystore password:
Keystore type: jks
Keystore provider: SUN
Your keystore contains 3 entries
root, Jun 3, 2004, trustedCertEntry,
Certificate fingerprint (MD5):
C4:D7:F0:B2:A3:C5:7D:61:67:F0:04:CD:43:D3:BA:58
tomcat, Jun 2, 2004, keyEntry,
Certificate fingerprint (MD5):
DE:93:10:3A:D1:1E:05:83:E4:EC:E0:18:D7:98:7D:FE
comodo, Jun 3, 2004, trustedCertEntry,
Certificate fingerprint (MD5):
2D:03:24:A9:05:F4:C8:A0:81:E9:98:9B:F5:C0:5D:21
Here's the relevant server.xml piece:
<Connector className="org.apache.coyote.tomcat4.CoyoteConnector" port="443"
minProcessors="5" maxProcessors="75" enableLookups="true" acceptCount="100"
debug="0" scheme="https" secure="true" useURIValidationHack="false"
disableUploadTimeout="true">
<Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
keystoreFile="/etc/careerfish.key" keystorePass="xxxxx" clientAuth="false"
protocol="TLS" />
</Connector>
Thanks.
Ross Rankin
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org