Re: Problem bringing up SSL with a CA certificate

2012-01-24 Thread Christopher Schultz
James, On 1/23/12 6:19 PM, James Lampert wrote: Christopher Schultz wrote: Did you also put your server's key into the keystore? It seems that when the customer rep jumped the gun and submitted a CSR to Thawte before we even had Tomcat running

Re: New development, Re: More, Re: Problem bringing up SSL with a CA certificate

2012-01-23 Thread Ognjen Blagojevic
James, On 19.1.2012 18:05, James Lampert wrote: You must find keystore with earlier generated key pair (the one you also used to generate CSR for CA), and import all three certificates into that keystore. At this point, I still don't have the keystore used to generate the CSR, but I *do* now

Re: Problem bringing up SSL with a CA certificate

2012-01-23 Thread Christopher Schultz
James, On 1/18/12 12:37 PM, James Lampert wrote: So far, I've had complete success using self-signed certificates, both here and on the customer box, once I found out that the CN needs to match the domain name. ;) But now, we're trying to get

Re: Problem bringing up SSL with a CA certificate

2012-01-23 Thread James Lampert
Christopher Schultz wrote: Did you also put your server's key into the keystore? It seems that when the customer rep jumped the gun and submitted a CSR to Thawte before we even had Tomcat running on a self-signed certificate, he did so using IBM DCM, whose keystores are incompatible with

Re: More, Re: Problem bringing up SSL with a CA certificate

2012-01-19 Thread Ognjen Blagojevic
James, On 19.1.2012 1:41, James Lampert wrote: secondary, Jan 18, 2012, trustedCertEntry, Certificate fingerprint (MD5): EB:A3:71:66:38:5E:3E:F4:24:64:ED:97:52:E9:9F:1B wintouch, Jan 18, 2012, trustedCertEntry, Certificate fingerprint (MD5): 55:D7:4D:D4:83:01:D6:E0:EB:A4:F3:9A:06:BD:87:38

Re: More, Re: Problem bringing up SSL with a CA certificate

2012-01-19 Thread James Lampert
Ognjen Blagojevic wrote: You must find keystore with earlier generated key pair (the one you also used to generate CSR for CA), and import all three certificates into that keystore. Dear Ognjen: Thanks. That does sound vaguely like something we went through ourselves some years ago, when

New development, Re: More, Re: Problem bringing up SSL with a CA certificate

2012-01-19 Thread James Lampert
Ognjen Blagojevic wrote: You must find keystore with earlier generated key pair (the one you also used to generate CSR for CA), and import all three certificates into that keystore. Dear Ognjen: At this point, I still don't have the keystore used to generate the CSR, but I *do* now have

Problem bringing up SSL with a CA certificate

2012-01-18 Thread James Lampert
So far, I've had complete success using self-signed certificates, both here and on the customer box, once I found out that the CN needs to match the domain name. But now, we're trying to get the customer box up on a CA-signed certificate, and Tomcat doesn't like it. (Given that we haven't

More, Re: Problem bringing up SSL with a CA certificate

2012-01-18 Thread James Lampert
I've now got the CA certificates the customer representative is trying to use here, and I'm attempting to test them on our box. I followed these instructions: https://search.thawte.com/support/ssl-digital-certificates/index?page=contentactp=CROSSLINKid=SO15518 rather than the ones here:

Re: More, Re: Problem bringing up SSL with a CA certificate

2012-01-18 Thread Igor Cicimov
Caused by: java.io.IOException: SSL configuration is invalid due to No available certificate or key corresponds to the SSL cipher suites which are enabled. Are you sure you have downloaded the correct intermediate certs? *Note:* When executing the command to import the SSL certificate, you

Re: More, Re: Problem bringing up SSL with a CA certificate

2012-01-18 Thread James Lampert
Dear Igor (et al): Thanks for getting back to me. To answer the questions (and pose a few more): Igor Cicimov wrote: Are you sure you have downloaded the correct intermediate certs? I didn't download them myself; neither did I place the order. But I'll pass this on to the fellow who did.