Posted to users@tomcat.apache.org by Ken <ka...@pacific.net> on 2000/08/15 23:07:34 UTC

SSL working, but how to use a certificate?

Thanks for all of your help. 
Tomcat is now running SSL in standalone mode and talking nicely with
Netscape and IE.

Next, I'd like to make this function in a useful way!

How do I use an existing SSL certificate and private keyfile in Tomcat?
I need to be able to either request new certificates by generating CSRs
like we do with C2Net's Apache Stronghold - that I can plug into Tomcat
for specific domains, or import existing certificates.

I am able to use keytool to import a certificate file, but I don't know
where to put the private key?
Tomcat complains "IOException reading request, ignored -
javax.net.ssl.SSLException: no cipher suites in common" and Netscape
says it "can't communicate securely."

I basically understand how keytool works, but I must be missing
something bigger. A point toward the right documentation would be great.

Thanks,
-Ken

Re: SSL working, but how to use a certificate?

Posted by Philip Smith <ph...@imana.com>.
I believe I had a similar problem. The fix that worked for me is to make
sure the certificate is signed with an RSA generated key. The keyview
default is DSA. I assume this allows the web browser to decrypt the
certificate and negotiate the cipher suite. See the keyview manual page.

$ keytool -genkey -keyalg RSA ....

Regards,

Ken wrote:

> Thanks for all of your help.
> Tomcat is now running SSL in standalone mode and talking nicely with
> Netscape and IE.
>
> Next, I'd like to make this function in a useful way!
>
> How do I use an existing SSL certificate and private keyfile in Tomcat?
> I need to be able to either request new certificates by generating CSRs
> like we do with C2Net's Apache Stronghold - that I can plug into Tomcat
> for specific domains, or import existing certificates.
>
> I am able to use keytool to import a certificate file, but I don't know
> where to put the private key?
> Tomcat complains "IOException reading request, ignored -
> javax.net.ssl.SSLException: no cipher suites in common" and Netscape
> says it "can't communicate securely."
>
> I basically understand how keytool works, but I must be missing
> something bigger. A point toward the right documentation would be great.
>
> Thanks,
> -Ken

--
Philip Smith
philip@imana.com
http://www.imana.com
(415) 437-1447
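
Added example, not part of either post: a shell helper that reads `keytool -list -v` output and reports whether an alias holds an RSA private key, a non-RSA key, or only an imported certificate (a keystore state in which the server has no private key to present, which JSSE reports as "no cipher suites in common"), followed by the genkey/certreq/import sequence using the `-keyalg RSA` option from the reply. The function names, the sample listing and the listing's line layout (taken to match recent JDK keytool output) are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Classifies one alias from `keytool -list -v` text:
#   ok        private key entry with an RSA key (what the reply recommends)
#   non-rsa   private key entry, but the key is not RSA (e.g. the DSA default)
#   cert-only certificate imported without its private key (trustedCertEntry)
#   missing   alias not present
classify_entry() {   # usage: keytool -list -v -keystore FILE | classify_entry ALIAS
    awk -v want="$1" '
        /^Alias name: /                  { cur = $3 }
        cur == want && /^Entry type: /   { type = $3 }
        # First key-algorithm line after the alias belongs to the server certificate.
        cur == want && alg == "" && /^Subject Public Key Algorithm: / { alg = $0 }
        END {
            if (type == "")                                    print "missing"
            else if (type !~ /^(PrivateKeyEntry|keyEntry)$/)   print "cert-only"
            else if (alg != "" && alg !~ /RSA/)                print "non-rsa"
            else                                               print "ok"
        }'
}

# keytool sequence for a CA-signed certificate (prompts for passwords and the
# distinguished name; keystore path and alias are caller-supplied assumptions).
make_key_and_csr() {   # $1 = keystore, $2 = alias
    keytool -genkey  -alias "$2" -keyalg RSA -keystore "$1"
    keytool -certreq -alias "$2" -file "$2.csr" -keystore "$1"
}
install_ca_reply() {   # $1 = keystore, $2 = alias used above, $3 = signed certificate
    keytool -import -trustcacerts -alias "$2" -file "$3" -keystore "$1"
}

sample_listing() {     # constructed, trimmed `keytool -list -v` output
    cat <<'EOF'
Alias name: imported
Entry type: trustedCertEntry
Subject Public Key Algorithm: 2048-bit RSA key

Alias name: dsakey
Entry type: PrivateKeyEntry
Subject Public Key Algorithm: 1024-bit DSA key

Alias name: tomcat
Entry type: PrivateKeyEntry
Subject Public Key Algorithm: 2048-bit RSA key
EOF
}

for a in imported dsakey tomcat; do
    printf '%s: %s\n' "$a" "$(sample_listing | classify_entry "$a")"
done
```

If the listing carries no key-algorithm line, as with older keytool builds, the helper checks the entry type only and cannot flag a DSA key.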