You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Jeff Cousineau <co...@umich.edu> on 2002/12/06 21:17:42 UTC
signed SSL cert & tomcat
New to the list, so far I haven't found a definitive answer to this
question in the archives, etc...
I'm using Tomcat 4.1.12 on RH Linux 7.3, as a standalone (w/o apache).
I generated a CSR for my SSL cert using 'openssl' (not 'keytool').
After I received the official cert from Verisign, I created a new
keystore file (using 'keytool') by importing first the chain/root cert,
followed by my new cert.
When I restart tomcat I get the following error when attempting to go to
my site:
"... cannot communicate securely because they have no common encryption
algorithms"
I have a difficult time believing that tomcat will only recognize a cert
whose CSR was created using 'keytool' (as opposed to 'openssl'), but
thus far I've found nothing documented to suggest otherwise.
Any thoughts?
Thanks,
Jeff
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: signed SSL cert & tomcat
Posted by "Noel J. Bergman" <no...@devtech.com>.
Jeff,
I haven't done that, yet, but does this help?
http://marsalis.internet2.edu/cgi-bin/viewcvs.cgi/*checkout*/shibboleth/DEPL
OY-GUIDE-ORIGIN.html?rev=HEAD&content-type=text/html#4.b.i.
--- Noel
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: signed SSL cert & tomcat
Posted by Joseph Stephen <jo...@yahoo.com>.
Try these link, it works
http://www.comu.de/docs/tomcat_ssl.htm
http://www.openssl.org/docs/apps/pkcs8.html#COMMAND_OPTIONS
Let me know if you still face problems,
Regards,
Joseph
--- Jeff Cousineau <co...@umich.edu> wrote: >
> New to the list, so far I haven't found a definitive
> answer to this
> question in the archives, etc...
>
> I'm using Tomcat 4.1.12 on RH Linux 7.3, as a
> standalone (w/o apache).
> I generated a CSR for my SSL cert using 'openssl'
> (not 'keytool').
> After I received the official cert from Verisign, I
> created a new
> keystore file (using 'keytool') by importing first
> the chain/root cert,
> followed by my new cert.
>
> When I restart tomcat I get the following error when
> attempting to go to
> my site:
>
> "... cannot communicate securely because they have
> no common encryption
> algorithms"
>
> I have a difficult time believing that tomcat will
> only recognize a cert
> whose CSR was created using 'keytool' (as opposed to
> 'openssl'), but
> thus far I've found nothing documented to suggest
> otherwise.
>
> Any thoughts?
>
> Thanks,
>
> Jeff
>
>
> --
> To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> For additional commands, e-mail:
> <ma...@jakarta.apache.org>
>
________________________________________________________________________
Missed your favourite TV serial last night? Try the new, Yahoo! TV.
visit http://in.tv.yahoo.com
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>