I seemed to have tried everything to get ssl to work but the server won't start with my keystore. Here is what I do (using jdk1.3): keystore -genkey -keyalg "RSA" -keystore keystore -storepass 123456 -validity 360 keytool -certreq -keyalg "RSA" -file www.pawnbroker.com.csr -keystore keystore paste to https://www.thawte.com/cgi/server/test.exe I select : 360 days valid valid from now type of cert is Test SSL Chained CA Cert cert format is default I past the result into www.pawnbroker.com.cer Type keytool -import -trustcacerts -file www.pawnbroker.com.cer -keystore keystore and create the keystore file In the default xml property: I set secure to true <ssl-config keystore="../../bin/keystore" keystore-password="123456"/> (my keystore is in d:\jdk1.3\bin) Whenever I try to start I get: Error starting HttpServer: Unable to intialize SSLServerSocketFactory 'com.evermind.ssl.JSSESSLServe rSocketFactory': Invalid keystore format Orion/1.0.3 initialized. Can someone please tell me what I am doing wrong?