Larry,
Make sure that you’re closing any resource that you’ve opened.
Jeff
Sent from Windows Mail
From: Cohen, Laurence
Sent: Wednesday, September 2, 2015 2:54 PM
To: Tomcat Users List
Hi,
We have a webserver and an appserver, and the webserver talks to the
>> openssl s_client -tls1 -connect server-dns-name:15305 -CAfile
>> server-cert-with-intermediate-and-root-in-one-file.cer -cert
>> client-public-key.cer -key client-private-key.key -pass
>> pass:client-private-key-password
I've had trouble when there are more certificate packaged in the same
Mark,
It turns out that the root certificate was a combination of g1 and g2, and that
this causes a problem for keytool. I downloaded the single root certificate
gdroot-g2.crt and used it to replace the root certificate. That fixed the
problems.
Jeff
Sent from Windows Mail
From:
I’ve been using Tomcat for about fours years. I’ve developed websites and
services that used certificates based upon SHA1. Today I purchased a new
certificate from GoDaddy based upon using “-sigalg SHA256withRSA”.
So for this new service I executed the following commands in the directory of
keytool -delete -alias tomcat -keystore tomcat.keystore
You deleted the key at this point. There should be no need to do this.
Mark
Mark,
I rekeyed my certificate from a newly created tomcat.keystore and imported in
the root and immediate certificates, then I got this when I imported my
Ognjen,
You were correct. The GoDaddy GA2 certificate was not in the root
distributions. I re-keyed it to GA1 and that fixed the problems.
Thank you all.
Jeff Crump
Sent from Windows Mail
From: Ognjen Blagojevic
Sent: Friday, April 4, 2014 3:14 AM
To: Tomcat Users
I’m using tomcat 7.0.50 on CentOS 6.5 on a headless blade server; 8 processor
cores, 18 GB RAM.
My java client is opening an HttpsURLConnection:
SSLContext sc = SSLContext.getInstance(TLS);
sc.init(null, null, null);
Chris,
Sent from Windows Mail
From: Christopher Schultz
Sent: Thursday, April 3, 2014 1:55 PM
To: Tomcat Users List
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Jeffrey,
On 4/3/14, 2:25 PM, jeffery.scott.cr...@gmail.com wrote:
I’m using tomcat 7.0.50 on CentOS 6.5
I tried ssllabs but it doesn't support SSL on port 8443, but digicert did show
that everything was correct in the chain.
I've run my client program with the -Djavax.net.debug=all option. First it
listed out all of the trusted authorities. Mine is GoDaddy and this is the
record:
04/03/2014
