"Mike Korcynski" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] >I have Tomcat and Apache HTTP server running on the same machine. I > have a key and certificate for the HTTP server set up and working > properly. I have an application running in tomcat, I want to make the > application available directly via Tomcat using SSL and use the same > cert I'm already using for the HTTP server. The hostname is the same so > I would think I should be able to do this but I'm having all sorts of > trouble. For this particular application I can't proxy through HTTP > over the loopback. > > The problem seems to be if I import the cert into the java keystore, it > doesn't complain but I get a message in the browser that says: > > "Firefox and yourserver.com cannot communicate securely because they > have no common encryption algorithm." > > I'm guessing I need to also import the private key into the keystore > somehow but I can not find any info on how to import an existing private > key into an empty keystore, has anyone successfully done this? Can you > provide me with the steps I'd need to follow to do it? >
I find the easiest it to import the Apache cert and key into a PKCS12 keystore (as documented at http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html). An alternative approach is at http://www.comu.de/docs/tomcat_ssl.htm. Of course, if you are using the APR Connector, then your private key and cert are already in the correct format, but you need to configure Tomcat via http://tomcat.apache.org/tomcat-5.5-doc/apr.html. > Thanks for your help, > > Mike --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]