On Fri, 4 Mar 2005 06:54:34 -0800, Sweeney, Bill <[EMAIL PROTECTED]> wrote: > Hello TC5 Users - > I used %java-home%/bin/keytool to build the certificate store and the > server and client certificates (self-signed). Tomcat asks for the > client certificate when I try and connect, but - here is the problem: > > (1) I can't seem to get the client key to export properly so that I can > install it in the browser; how do I get a .pfx out of the keystore?
I think you are going to have to use openssl to convert the file after exporting it, http://www.mindreef.com/products/4.1/help/sslcerts.html has a little info on that but the reverse. I'm sure there are better resources but that was the first Google I saw. > (2) How can I validate which certificate store is being used by tomcat? > (I made a few along the way in testing) There is a parameter (keyStoreFile?) that you can specify the location in the Connector properties it's detailled in one of those links you have. > (3) I set debug="3" in the SSL connector but am not seeing the SSL > handshake in stdout. Is there some other way for setting debug to see > the handshake? Not sure on that one. Regards, -- Jason Bainbridge http://kde.org - [EMAIL PROTECTED] Personal Site - http://jasonbainbridge.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
