Nevermind, I have found the keystore and have
imported the certificate. I believe my problems now have to do with our
clustering/load balancing configuration. We are currently using an
Alteon Acedirector 3 for our load balancer. We are also using clustering
to maintain sessions. I think the error I have been
getting:
"Error listening to SSLServerSocket: No available
certificate corresponds to the SSL cipher suites which are
enabled."
is because our certificate is for our virtual IP,
and not for our local machine, and therefore Orion is unable to load the
certificate correctly because it isnt for the local host. The question
is, how do I configure Orion to load a certificate for our virtual site?
Here is my configuration, with some entries modified to protect the
innocent:
<web-site host="localhost.simpledevices.com"
port="8443" cluster-island="1" secure="true" display-name="SMS
WebSite">
<default-web-app
application="sms" name="sms-web"
shared="true"
load-on-startup="false" />
<ssl-config keystore="../keys/keystore" keystore-password="123456"
/>
<frontend
host="virtual.simpledevices.com"
port="443"/>
<access-log
path="../log/sms-web-access.log" />
</web-site>
I have tried setting the web-site host="[ALL]",
but I get an error saying I cannot cluster with that configuration.
Though I no longer get the SSLServerSocket error.
Thanks for any help,
Steve
----- Original Message -----
Sent: Wednesday, October 17, 2001 3:43
PM
Subject: Yup, SSL question
So, I do not have the original keystore file
generated during the certificate request, but I have the original
certificate request private key file, as well as the certificate file from
Thawte. How do I get them both into a working keystore?
Steve