You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by "John Beaulaurier -X (jbeaulau - ADVANCED NETWORK INFORMATION INC at
Cisco)" <jb...@cisco.com.INVALID> on 2020/03/02 17:26:10 UTC
RE: OpenSSL config for Tomcat 7
Yes, that is what I have done.
-----Original Message-----
From: Jason Wee <pe...@gmail.com>
Sent: Friday, February 28, 2020 11:29 PM
To: Tomcat Users List <us...@tomcat.apache.org>
Subject: Re: OpenSSL config for Tomcat 7
when you stack them, do you mean you cat those certificates into one pem file?
On Sat, Feb 29, 2020 at 8:22 AM John Beaulaurier -X (jbeaulau - ADVANCED NETWORK INFORMATION INC at Cisco) <jb...@cisco.com.invalid> wrote:
>
> Hello,
>
> We're running Tomcat 7 and need to implement SSL. We are using
> APR/OpenSSL, but I can't get the intermediate certificates pulled in when starting Tomcat. The server certificate is recognized and used but not the other two. I have tried the following in PEM format.
>
>
> * Stacking them in one file and using the "SSLCertificateFile" directive
> * Using the "SSLCertificateFile" directive for the server cert, and "SSLCertificateChainFile" directive for the CA and root cert
>
>
> * APR 1.4.8
> * Tomcat 7.0.39
>
> Any additional information needed please let me know. Any insight would be greatly appreciated.
>
> Regards
> -John
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: OpenSSL config for Tomcat 7
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
John,
On 3/2/20 12:26, John Beaulaurier -X (jbeaulau - ADVANCED NETWORK
INFORMATION INC at Cisco) wrote:
> Yes, that is what I have done.
Can you please post your actual <Connector> configuration? Also,
please list the order of certificates in your SSLCertificateFile file.
Maybe:
$ grep '===' [SSLCertificateFile].pem
and post that?
- -chris
> -----Original Message----- From: Jason Wee <pe...@gmail.com>
> Sent: Friday, February 28, 2020 11:29 PM To: Tomcat Users List
> <us...@tomcat.apache.org> Subject: Re: OpenSSL config for Tomcat 7
>
> when you stack them, do you mean you cat those certificates into
> one pem file?
>
> On Sat, Feb 29, 2020 at 8:22 AM John Beaulaurier -X (jbeaulau -
> ADVANCED NETWORK INFORMATION INC at Cisco)
> <jb...@cisco.com.invalid> wrote:
>>
>> Hello,
>>
>> We're running Tomcat 7 and need to implement SSL. We are using
>> APR/OpenSSL, but I can't get the intermediate certificates pulled
>> in when starting Tomcat. The server certificate is recognized and
>> used but not the other two. I have tried the following in PEM
>> format.
>>
>>
>> * Stacking them in one file and using the "SSLCertificateFile"
>> directive * Using the "SSLCertificateFile" directive for the
>> server cert, and "SSLCertificateChainFile" directive for the CA
>> and root cert
>>
>>
>> * APR 1.4.8 * Tomcat 7.0.39
>>
>> Any additional information needed please let me know. Any insight
>> would be greatly appreciated.
>>
>> Regards -John
>>
>>
>
> ---------------------------------------------------------------------
>
>
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
> ---------------------------------------------------------------------
>
>
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl5dRI8ACgkQHPApP6U8
pFg/YxAAix8Mjs9gKydKDMJGra5ltPx1J7VuTMeFaLCp35QwxlqJL1iPMsN7fjpH
A/BAItqlIS6qPmOOwfe5PQMyr1FlQn73heimddpAu6WyuzPcOK6cLSY9cmEVUsJg
qQ5D/UmL0hqSDA3jcfoq7MvPU5GxvkK8QpHcnCOjFzVSd1XkZ3WqvTAkMN3JdJbM
tGdYHTyukCgvVcK0PtwGQvfOkxxFw/NaYJfzb0ka1D9Qt18OGQpEeZgJK48m72qN
0L681QG2grQZju50FZv+GCFLbNxBBfL1xV80B+q8+hzMc04T8s0HsVjtLJCAq08X
+mrwt7RcGPW/1nQLNI+JRzR0a1Epd0R9mZRTZQYUpSsGliOFucPqgCL33R2zCukm
/4X0ILEb73fGOfrzS9WhGJ18133jSCLAfrkW2zl0FfPTbliCw03kGOxcwOdbeY+w
jt0W3+KISWGZXUj0hSCgvASH10mNRVKxNioPgHX7LMSG0eAoHpj6+wClRM4FX9ca
3kf10sI0kX13D2gVjFyaAQXnLogUmNRrd75HtXNFZ0PcGoNQIzSemm/8crVxUHKI
jyWBaEpdRqX9H76D8YWaBwa7BaDYaU4amWB0jpGmcaUYTeoRW0w5KA4sOn7Q0ksV
KNIDj1KkOM71kSskHoB04923ns/TF1jlQsZzMUioiAtMalctwRI=
=rtZu
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org