Are you able to see the 8443 port listening? nc -z <ipaddress> 8443
On Mon, Nov 24, 2014 at 11:25 AM, Kernel freak <kernelfr...@gmail.com> wrote: > I have added the certificate. I modified the server.xml code to add the > following lines : > <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" > maxThreads="150" > scheme="https" secure="true" clientAuth="false" > sslProtocol="TLS" > keystoreFile="/root/.keystore" keystorepass="password for > keystore" /> > > Now when I open the application, it redirects to https, but it says unable > to connect, your connection to this website maynotbe encrypted. What am I > doing wrong? > > > > On Mon, Nov 24, 2014 at 5:20 PM, Niranjan Babu Bommu < > niranjan.bo...@gmail.com> wrote: > > > Sorry, I did not notice that. > > > > > > - *Import a root or intermediate CA certificate to an existing Java > > keystore* > > > > keytool -import -trustcacerts -alias root -file *ca.crt* -keystore > > *yourkeystore.jks* > > > > > > On Mon, Nov 24, 2014 at 11:02 AM, Kernel freak <kernelfr...@gmail.com> > > wrote: > > > > > Thank you, and what about the CA-Bundle file? Did you got a chance to > > look > > > at the question I have posted on Stackoverflow mentioned in the > original > > > question? > > > > > > On Mon, Nov 24, 2014 at 4:51 PM, Niranjan Babu Bommu < > > > niranjan.bo...@gmail.com> wrote: > > > > > > > Hi Kernel, > > > > > > > > I think you have create a keystore from the cert, please follow these > > > > instruction and ket me know. > > > > > > > > Create store with temporary key inside: > > > > > > > > keytool -genkey -alias <alias name> -keystore yourkeystore.jks > > -storepass > > > > Hello1 > > > > Then delete existing entry: > > > > > > > > keytool -delete -alias temp -keystore yourkeystore.jks -storepass > > Hello1 > > > > Now you've got empty store. You can check that it's empty: > > > > > > > > keytool -list -keystore yourkeystore.jks -storepass Hello1 > > > > Then import your certificate to the store: > > > > > > > > keytool -import -alias <alias name> -file cert_file.crt -keypass > > keypass > > > > -keystore yourkeystore.jks -storepass Hello1 > > > > > > > > > > > > Thanks > > > > Niranjan > > > > > > > > > > > > On Mon, Nov 24, 2014 at 10:13 AM, Kernel freak < > kernelfr...@gmail.com> > > > > wrote: > > > > > > > > > Hello friends, > > > > > > > > > > I am using apache tomcat and I would like to deploy a Spring-MVC > > > > > application which I am working on. In that, via Spring-Security I > > have > > > > > specified to use https which requires to install the SSL > certificate > > on > > > > the > > > > > server. > > > > > I am running a Debian Wheezy server, and I have certificate files > > with > > > > > extension as .crt and .ca-bundle. Unfortunately I cannot find any > > > > resources > > > > > which mention where and how to install these files. What I found > was > > > > these > > > > > files are meant for webserver. Is that correct? If yes, can I use > > them > > > to > > > > > deploy these 2 files? Kindly let me know. Also if anyone can help > me > > > with > > > > > one more problem I have posted on StackOverflow : > > > > > > > > > > > > > > > > > > > > http://stackoverflow.com/questions/27106983/configuring-apache-tomcat-to-start-webapp-by-default > > > > > > > > > > Regards, > > > > > Kernel > > > > > > > > > > > > > > > > > > > > > -- > > > > *Thanks* > > > > *Niranjan* > > > > *+1 781.956.6900* > > > > > > > > > > > > > > > -- > > *Thanks* > > *Niranjan* > > *+1 781.956.6900* > > > -- *Thanks* *Niranjan* *+1 781.956.6900*
