2016-06-28 16:24 GMT-04:00 Sean Son <linuxmailinglistsem...@gmail.com>: <snip/>
> > as for the output to the keytool command: > > Isnt the output to that command, confidential information? > > No, there isn't anything confidential from the output of a simple -list. It doesn't display the private key or anything like that. It will just show the list of certificates in your keystore. The first entry in the keystore will be the one sent back by the Tomcat server since you didn't specify any alias. So, I assume this is the intended behavior. Since you do not specify any trust store, the default trust store shipped with your version of Java will be used. If the clients trying to connect are not having certificats signed by one of these, it will fails. It may not be a problem in your case since you do not provide any details on the clients' certificates. Regards, ----------------- Daniel Savard