Attempting to SSL enable tomcat 4.04. Have implemented JSSE. SSL works fine when I create a keystore with a self generated certificate.

    keytool -genkey -alias tomcat -keyalg RSA -keystore .keystore

We now want to cutover using a production certificate. We create a .cer file by accessing our production web site and export the certificate to a .cer file. Then using the keytool we import the .cer file:

    keytool -v -import -file prod.cer -keystore .keystore

When we inspect the .keystore file using the -list switch we see the original self signed certificate and the production certificate. Now when we implement the .keystore in tomcat, only the original self generated certificate is presented to the browser, not the production certificate.

So, using the keytool we delete the original self generated certificate. So we are only left with the newly imported production certificate. When we implement this updated .keystore file with only the production cert, the browser and tomcat fail to negotiate. Tomcat binds to port 8843 but the ssl negotiation between browser and server is hosed.

Has anybody ever gotten tomcat & ssl to work with a non self generated certificate? Can you please help?

Thanks,
John D'Esposito
IBM Global Web Architecture - Project Office - Application Integration
phone: 732-927-0399
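
Added example, not part of the original post: `keytool -import` of a bare .cer file creates a certificate-only entry (default alias `mykey` when none is given) with no private key, and an SSL connector can only present an entry that holds a private key. The script below classifies entries in `keytool -list` output; both listings are constructed samples and the function names are this example's own.

```shell
#!/bin/sh
# Classify the entries printed by `keytool -list`.
#   keyEntry / PrivateKeyEntry : private key plus certificate chain
#   trustedCertEntry           : certificate only, no private key

# Reads a listing on stdin, prints one line per entry, and returns 0 only
# if at least one entry holds a private key.
classify_entries() {
    awk -F', ' '
        /, (keyEntry|PrivateKeyEntry)/ {
            print $1 ": key entry (has private key)"; keys++; next
        }
        /, trustedCertEntry/ {
            print $1 ": certificate only (no private key)"
        }
        END { exit (keys > 0 ? 0 : 1) }
    '
}

# Constructed sample: keystore after -genkey, then -import of prod.cer.
listing_as_imported() { cat <<'EOF'
Keystore type: jks
Keystore provider: SUN

Your keystore contains 2 entries

tomcat, Mar 4, 2002, keyEntry,
Certificate fingerprint (MD5): (constructed placeholder)
mykey, Mar 5, 2002, trustedCertEntry,
Certificate fingerprint (MD5): (constructed placeholder)
EOF
}

# Constructed sample: same keystore after deleting the "tomcat" entry.
listing_after_delete() { cat <<'EOF'
Keystore type: jks
Keystore provider: SUN

Your keystore contains 1 entry

mykey, Mar 5, 2002, trustedCertEntry,
Certificate fingerprint (MD5): (constructed placeholder)
EOF
}

echo "after the import:"
listing_as_imported | classify_entries
echo "after deleting the self-generated entry:"
listing_after_delete | classify_entries || echo "no private key left in keystore"
```

Against a real keystore the function takes the output of `keytool -list -keystore .keystore` on stdin.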