You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Shahid Tamboli <sh...@gmail.com> on 2013/04/25 17:10:18 UTC
SSL configuration on Tomcat7.
Hello Everyone,
I am Shahid Tamboli and working at Mobimedia
Technologies, Pune, India. We are stuck up with configuring our server with
SSL. We have taken an Ubuntu instance on Amazon. We have installed Tomcat
on the server. The Tomcat version is Tomcat 7 We are facing issues of
configuring SSL certificates on my Tomcat server
We have followed the following steps of deploying the certificate.
http://www.networksolutions.com/support/installation-for-java-based-webservers-e-g-tomcat-using-keytool/<http://prolinks.rediffmailpro.com/cgi-bin/prored.cgi?red=http%3A%2F%2Fwww%2Enetworksolutions%2Ecom%2Fsupport%2Finstallation%2Dfor%2Djava%2Dbased%2Dwebservers%2De%2Dg%2Dtomcat%2Dusing%2Dkeytool%2F&isImage=0&BlockImage=0&rediffng=0>
On following the above steps we are getting error of certificate not
trusted and on contacting the Certificate Provider they told us to check
our installation again. Thus if anyone can help us on this issue
Thank You
--
Cheers Shahid!!!
RE: SSL configuration on Tomcat7.
Posted by "Carrillo, Dan" <dc...@idanalytics.com>.
You didn't provide very much information. But one thing to check is that the domain name of your site matches what you specified for the certificate.
-----Original Message-----
From: Shahid Tamboli [mailto:shahid1311@gmail.com]
Sent: Thursday, April 25, 2013 8:10 AM
To: users@tomcat.apache.org
Subject: SSL configuration on Tomcat7.
Hello Everyone,
I am Shahid Tamboli and working at Mobimedia Technologies, Pune, India. We are stuck up with configuring our server with SSL. We have taken an Ubuntu instance on Amazon. We have installed Tomcat on the server. The Tomcat version is Tomcat 7 We are facing issues of configuring SSL certificates on my Tomcat server We have followed the following steps of deploying the certificate.
http://www.networksolutions.com/support/installation-for-java-based-webservers-e-g-tomcat-using-keytool/<http://prolinks.rediffmailpro.com/cgi-bin/prored.cgi?red=http%3A%2F%2Fwww%2Enetworksolutions%2Ecom%2Fsupport%2Finstallation%2Dfor%2Djava%2Dbased%2Dwebservers%2De%2Dg%2Dtomcat%2Dusing%2Dkeytool%2F&isImage=0&BlockImage=0&rediffng=0>
On following the above steps we are getting error of certificate not trusted and on contacting the Certificate Provider they told us to check our installation again. Thus if anyone can help us on this issue Thank You
--
Cheers Shahid!!!
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: SSL configuration on Tomcat7.
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Ognjen,
On 4/25/13 4:47 PM, Ognjen Blagojevic wrote:
> Shahid, Chris,
>
> On 25.4.2013 19:14, Christopher Schultz wrote:
>> On 4/25/13 11:10 AM, Shahid Tamboli wrote:
>>> Hello Everyone, I am Shahid Tamboli and working at Mobimedia
>>> Technologies, Pune, India. We are stuck up with configuring
>>> our server with SSL. We have taken an Ubuntu instance on
>>> Amazon. We have installed Tomcat on the server. The Tomcat
>>> version is Tomcat 7 We are facing issues of configuring SSL
>>> certificates on my Tomcat server We have followed the following
>>> steps of deploying the certificate.
>>> http://www.networksolutions.com/support/installation-for-java-based-webservers-e-g-tomcat-using-keytool/<http://prolinks.rediffmailpro.com/cgi-bin/prored.cgi?red=http%3A%2F%2Fwww%2Enetworksolutions%2Ecom%2Fsupport%2Finstallation%2Dfor%2Djava%2Dbased%2Dwebservers%2De%2Dg%2Dtomcat%2Dusing%2Dkeytool%2F&isImage=0&BlockImage=0&rediffng=0>
>>>
>>>
>>>
>>>
On following the above steps we are getting error of certificate
>>> not trusted and on contacting the Certificate Provider they
>>> told us to check our installation again. Thus if anyone can
>>> help us on this issue
>>
>> Please tell us exactly what steps you took. I know you were
>> following an online "howto", but please start over again (e.g.
>> delete your keystore), and tell us how you went from a clean
>> installation of Tomcat to where you are today. You are likely
>> missing a step (or 2).
>
> No, no, no... do not delete keystore. That may be the only place
> where your private key is.
Erp... sorry! You are absolutely right. I keep forgetting how
astoundingly stupi... er, efficient! ... Java keystores are.
> If you delete your private key, you will have to generate new
> private key, and purchase new certificate.
This is true. I hope the OP reads this before blowing that file away.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBCAAGBQJRed7tAAoJEBzwKT+lPKRYJwIP/RFIaEw65anffhuE9KRcQ75K
AY89quXsNKfu5L3lFRyjHM9VfZx4S6qD86ntmF94r0gM22Ka0LS0Lih8E6/lVe0j
fDEbU3pm0dgb/3gYrxJ7dDVoFOR2oqS1l5aNScKCwtPlad6bs3quJvLSjqVRermk
SyQ9iypv63/08QfMflkwUgzzkvWFrZ39Qd6fSi0vAkl/M1S8CbgLBGZnTMH6NZxh
+Xj3/2B8sTvzLrS/Nc0ez4vBbFQ8wmeQyGM6t5x7GIh128UEAK0AuIOHLNjd960i
yQOdFDDpIv29eoJlMvjvEsVVZk4h2fUK9LB0XnG2w+Eqr77AyEatMbE5F7BHpzFr
i3JThXgV7/ufhH0jIGWvGK4dwBD/zjz/e22E8/464j2dHLt38L6BuEXNMGMUcnK7
RCcmkWLtBgG6aTyjEDED7EpkYGpJJh1GmFM1BmefkSLDTJ0HWSPy1n14d7z4tv3L
KgxPcEQjG8lXw9US+GHJRO2yqUfSomh5fBxQyl/+kUJ8bJF+Fk+MGxYURevgR3PE
5LhCraNNT2HZzd7c3Y62F1tgpyXr18VzELYmFouYOQrYtpSEJzQnxXr3I5TkjcMo
+u4vcVjq3HZFFYJP7cKSXwXStm2GZWE2l2cTz5rd3tAmPiORNARM4sor0/4E3MKu
SCgPv5ofcL+7sGbzoSrr
=qx5U
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: SSL configuration on Tomcat7.
Posted by Ognjen Blagojevic <og...@gmail.com>.
Shahid,
Chris,
On 25.4.2013 19:14, Christopher Schultz wrote:
> On 4/25/13 11:10 AM, Shahid Tamboli wrote:
>> Hello Everyone, I am Shahid Tamboli and working at Mobimedia
>> Technologies, Pune, India. We are stuck up with configuring our
>> server with SSL. We have taken an Ubuntu instance on Amazon. We
>> have installed Tomcat on the server. The Tomcat version is Tomcat 7
>> We are facing issues of configuring SSL certificates on my Tomcat
>> server We have followed the following steps of deploying the
>> certificate.
>> http://www.networksolutions.com/support/installation-for-java-based-webservers-e-g-tomcat-using-keytool/<http://prolinks.rediffmailpro.com/cgi-bin/prored.cgi?red=http%3A%2F%2Fwww%2Enetworksolutions%2Ecom%2Fsupport%2Finstallation%2Dfor%2Djava%2Dbased%2Dwebservers%2De%2Dg%2Dtomcat%2Dusing%2Dkeytool%2F&isImage=0&BlockImage=0&rediffng=0>
>>
>> On following the above steps we are getting error of certificate
>> not trusted and on contacting the Certificate Provider they told us
>> to check our installation again. Thus if anyone can help us on this
>> issue
>
> Please tell us exactly what steps you took. I know you were following
> an online "howto", but please start over again (e.g. delete your
> keystore), and tell us how you went from a clean installation of
> Tomcat to where you are today. You are likely missing a step (or 2).
No, no, no... do not delete keystore. That may be the only place where
your private key is. If you delete your private key, you will have to
generate new private key, and purchase new certificate.
I guess Chris missed to notice that you gave us URL from commercial CA.
So, I propose that you just locate your keystore and run
keytool -list -keystore /path/to/my_keystore.jks
And send us the results here. Also send us your server.xml with comments
and passwords removed.
-Ognjen
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: SSL configuration on Tomcat7.
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Shahid,
On 4/25/13 11:10 AM, Shahid Tamboli wrote:
> Hello Everyone, I am Shahid Tamboli and working at Mobimedia
> Technologies, Pune, India. We are stuck up with configuring our
> server with SSL. We have taken an Ubuntu instance on Amazon. We
> have installed Tomcat on the server. The Tomcat version is Tomcat 7
> We are facing issues of configuring SSL certificates on my Tomcat
> server We have followed the following steps of deploying the
> certificate.
> http://www.networksolutions.com/support/installation-for-java-based-webservers-e-g-tomcat-using-keytool/<http://prolinks.rediffmailpro.com/cgi-bin/prored.cgi?red=http%3A%2F%2Fwww%2Enetworksolutions%2Ecom%2Fsupport%2Finstallation%2Dfor%2Djava%2Dbased%2Dwebservers%2De%2Dg%2Dtomcat%2Dusing%2Dkeytool%2F&isImage=0&BlockImage=0&rediffng=0>
>
> On following the above steps we are getting error of certificate
> not trusted and on contacting the Certificate Provider they told us
> to check our installation again. Thus if anyone can help us on this
> issue
Please tell us exactly what steps you took. I know you were following
an online "howto", but please start over again (e.g. delete your
keystore), and tell us how you went from a clean installation of
Tomcat to where you are today. You are likely missing a step (or 2).
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBCAAGBQJReWRcAAoJEBzwKT+lPKRYRwsQAKICvLmY0lOyDEc9MVgIDY4f
suloGbVGQCC9g5GfVs9qmMnac6Ruz6WCqrjyDGRdcGwZxhwfkouoRK0cbiHJgLIn
5w5h8y+otFMaq1tzrBRPBp13wilPravSOkSFEREKuTj6he+vc5lN1ANnOi8NGk1h
Mk/ETbie6QH4XUfzg8HpR9GfTq9eItluPnFWwQKzpdtg0DIlEwZzMGe0zYr0Rhjo
bU2wA9IoTVXPKprlWsXI4imMiCs9YEyE7qmbWQl6nwL1j0zomzJXuyeyqPKM8G+J
ZPBh3udF7p3PUx2LhZMWpakI+9tqOBXynxr+RMhdcb0ogXA99xv0c8lKixbTR5D0
vtEPxVP9YcJzaS4MimCQeZfAeAh9EF19RqI57n8TN0POAPXnRgJaGdUqBcs9Jx34
4k5kjrQMMNCBVk/DGKKR0TwaoeOap7vL8TFVTcrYqcfQ1DMyeC5t0kRDH0z2m0pp
1AMiLcdgEsr5xyuyIAG4EQXAtFzsJn4MNkvo051JCrQkfmEEKutZp0sZdpRGHtOk
WPXlctMEI2UEd3Or4CYC0BtZ8BzU/hlJPmo/8g47jXcqtqUiu1P0KRRIvciNbFLI
i2GHz99pGJpxVg0fo6gF+5NFIyujziClqcYCmkpkEicGXJi1zyTBvToZvNIZwnRT
JlC3o06nDSVeVgsCSnpG
=xcyh
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org