You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Jeff Cousineau <co...@umich.edu> on 2002/12/06 21:17:42 UTC

signed SSL cert & tomcat

New to the list, so far I haven't found a definitive answer to this 
question in the archives, etc...

I'm using Tomcat 4.1.12 on RH Linux 7.3, as a standalone (w/o apache). 
I generated a CSR for my SSL cert using 'openssl' (not 'keytool'). 
After I received the official cert from Verisign, I created a new 
keystore file (using 'keytool') by importing first the chain/root cert, 
followed by my new cert.

When I restart tomcat I get the following error when attempting to go to 
my site:

"... cannot communicate securely because they have no common encryption 
algorithms"

I have a difficult time believing that tomcat will only recognize a cert 
whose CSR was created using 'keytool' (as opposed to 'openssl'), but 
thus far I've found nothing documented to suggest otherwise.

Any thoughts?

Thanks,

Jeff


--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>

RE: signed SSL cert & tomcat

Posted by "Noel J. Bergman" <no...@devtech.com>.

Jeff,

I haven't done that, yet, but does this help?

http://marsalis.internet2.edu/cgi-bin/viewcvs.cgi/*checkout*/shibboleth/DEPL
OY-GUIDE-ORIGIN.html?rev=HEAD&content-type=text/html#4.b.i.

	--- Noel


--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>

Re: signed SSL cert & tomcat

Posted by Joseph Stephen <jo...@yahoo.com>.

Try these link, it works

http://www.comu.de/docs/tomcat_ssl.htm

http://www.openssl.org/docs/apps/pkcs8.html#COMMAND_OPTIONS
 Let me know if you still face problems,

Regards,
Joseph

--- Jeff Cousineau <co...@umich.edu> wrote: > 
> New to the list, so far I haven't found a definitive
> answer to this 
> question in the archives, etc...
> 
> I'm using Tomcat 4.1.12 on RH Linux 7.3, as a
> standalone (w/o apache). 
> I generated a CSR for my SSL cert using 'openssl'
> (not 'keytool'). 
> After I received the official cert from Verisign, I
> created a new 
> keystore file (using 'keytool') by importing first
> the chain/root cert, 
> followed by my new cert.
> 
> When I restart tomcat I get the following error when
> attempting to go to 
> my site:
> 
> "... cannot communicate securely because they have
> no common encryption 
> algorithms"
> 
> I have a difficult time believing that tomcat will
> only recognize a cert 
> whose CSR was created using 'keytool' (as opposed to
> 'openssl'), but 
> thus far I've found nothing documented to suggest
> otherwise.
> 
> Any thoughts?
> 
> Thanks,
> 
> Jeff
> 
> 
> --
> To unsubscribe, e-mail:  
> <ma...@jakarta.apache.org>
> For additional commands, e-mail:
> <ma...@jakarta.apache.org>
>  

________________________________________________________________________
Missed your favourite TV serial last night? Try the new, Yahoo! TV.
       visit http://in.tv.yahoo.com

--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>