You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by An...@cetip.com.br on 2002/02/21 20:51:47 UTC
change passwd for keystore
I´m trying others methods for install SSL CA Certificates on Tomcat4 and I
created a keystore with blank passwd anda now I
trying to change the passwd without sucessfull.
I simple made:
keytool -storepasswd
Enter keystore password: changeit
then I made the comand:
keytool -keypasswd -alias importkey
Enter keystore password: changeit
Enter key password for <importkey>: changeit
keytool error: java.security.UnrecoverableKeyException: Cannot recover key
How can I change my passwd without problems?
Could anybody help me?
I need this urgently....
Thanks a lot.
Angelica
> -----Mensagem original-----
> De: Angelica
> Enviada em: terça-feira, 19 de fevereiro de 2002 15:23
> Para: 'tomcat-user@jakarta.apache.org'
> Assunto: Import CA SSL Certificate in Tomcat 4.0
>
>
> Hello,
>
> I have been some problems with import SSL CA Certificates on Tomcat4. It
> just doesn´t running!!
>
> I generated a key with openssl e send it to authority VeriSign that send
> me two files with the certificate. Then I have three files:
> cetipnet.key (The public key I generated by openssl)
> cetipnet.crt (The certificate sent to me by Verisign)
> cetipnet.ca.crt (valid certificate by Certification Authority)
>
> I try do the following commands:
>
> keytool -import -v -trustcacerts -alias tomcat -file cetipnet.crt
>
> Then , when I start the tomcat and see by page https://localhost:8443
> occurs error sayind that the page connot appears.
>
> I would like to know if there is some way to import valid certificate by
> Certification Authority (not selfSign) and how can I install it.
>
> When I try to generate a SSL certificate (RSA) for tomcat 4.0 it works
> fine!! But I need to import a trusted CA Certificate from VeriSign and it
> didn´t work.
>
> Could you help me please?
>
--
To unsubscribe: <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>
Re: change passwd for keystore
Posted by Chuck Amadi <ch...@breconbeacons.org>.
Angelica@cetip.com.br wrote:
>I╢m trying others methods for install SSL CA Certificates on Tomcat4 and I
>created a keystore with blank passwd anda now I
>trying to change the passwd without sucessfull.
>I simple made:
>keytool -storepasswd
>Enter keystore password: changeit
>then I made the comand:
>keytool -keypasswd -alias importkey
>Enter keystore password: changeit
>Enter key password for <importkey>: changeit
>keytool error: java.security.UnrecoverableKeyException: Cannot recover key
>
>How can I change my passwd without problems?
>Could anybody help me?
>I need this urgently....
>
>Thanks a lot.
>Angelica
>
>> -----Mensagem original-----
>>De: Angelica
>>Enviada em: terГa-feira, 19 de fevereiro de 2002 15:23
>>Para: 'tomcat-user@jakarta.apache.org'
>>Assunto: Import CA SSL Certificate in Tomcat 4.0
>>
>>
>>Hello,
>>
>>I have been some problems with import SSL CA Certificates on Tomcat4. It
>>just doesn╢t running!!
>>
>>I generated a key with openssl e send it to authority VeriSign that send
>>me two files with the certificate. Then I have three files:
>>cetipnet.key (The public key I generated by openssl)
>>cetipnet.crt (The certificate sent to me by Verisign)
>>cetipnet.ca.crt (valid certificate by Certification Authority)
>>
>>I try do the following commands:
>>
>>keytool -import -v -trustcacerts -alias tomcat -file cetipnet.crt
>>
>>Then , when I start the tomcat and see by page https://localhost:8443
>>occurs error sayind that the page connot appears.
>>
>>I would like to know if there is some way to import valid certificate by
>>Certification Authority (not selfSign) and how can I install it.
>>
>>When I try to generate a SSL certificate (RSA) for tomcat 4.0 it works
>>fine!! But I need to import a trusted CA Certificate from VeriSign and it
>>didn╢t work.
>>
>>Could you help me please?
>>
>
>--
>To unsubscribe: <ma...@jakarta.apache.org>
>For additional commands: <ma...@jakarta.apache.org>
>Troubles with the list: <ma...@jakarta.apache.org>
>
Why can't you locate the keystore and delete and re-created another
keystore and thus sort out your password by configuring your SSL
connector. (CATALINA_HOME/confserver.xml file ).
1) Return and re-create keystore file.
2) Or you can add or update the keysroePass attribute on the <Factory>
element.
Note this can be found in SSL Configuration How - To .
<!-- Define an SSL HTTP/1.1 Connector on port 8443(7777) -->
<Connector className="org.apache.catalina.connector.http.HttpConnector"
port="7777" minProcessors="5" maxProcessors="75"
enableLookups="true"
acceptCount="10" debug="0" scheme="https" secure="true">
<Factory className="org.apache.catalina.net.SSLServerSocketFactory"
clientAuth="false"
*keystoreFile="C:/WINDOWS/Profiles/chucka/.keystore"
keystorePass="test123"*
protocol="TLS"/>
</Connector>
Cheers Chuck Amadi
Systems Programmer
--
To unsubscribe: <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>