-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Sean,
On 7/1/16 11:11 AM, Sean Son wrote:
> On Fri, Jul 1, 2016 at 2:57 AM, Daniel Savard
> <daniel.sav...@gmail.com> wrote:
>
>> 2016-06-29 9:08 GMT-04:00 Sean Son
>> <linuxmailinglistsem...@gmail.com>:
>>
>>> Hello Daniel
>>>
>>> Thank you for the information. Here is the output of the
>>> keytool command:
>>>
>>> Keystore type: JKS Keystore provider: SUN
>>>
>>> Your keystore contains 2 entries
>>>
>>> root, Jun 16, 2016, trustedCertEntry, Certificate fingerprint
>>> (SHA1):
>>> 27:AC:93:69:FA:F2:52:07:BB:26:27:CE:FA:CC:BE:4E:F9:C3:19:B8
>>> {b81d8607-57e9-4c35-a058-cd46099e7797}, Jun 16, 2016,
>>> PrivateKeyEntry, Certificate fingerprint (SHA1):
>>> 6C:67:52:63:6B:EF:A2:3D:CD:A7:CB:64:99:99:4F:9C:3E:85:B9:AA
>>>
>>>
>>> Is it possible that the error that I am seeing, is related to
>>> the fact that I am using a wildcard certificate?
>>>
>>
>> So, the first entry in the keystore isn't your certificate. As I
>> told you before, if you do not specify explicitely the alias of
>> the certificate so send, the first entry in the keystore is sent.
>> In this case, root.
>>
>> The attribute to tell the connector which certificate to send, is
>> keyAlias, however it seems your certificate has no alias in the
>> keystore.
>>
>> ----------------- Daniel Savard
>>
>
>
> Thank you for the reply. How would I go about specifying the alias
> of the certificate?
You may have to re-import it, but I've had bad experiences with Java
keystores so ALWAYS keep a backup in case you host something.
The first item in your keystore certainly looks like a certificate to
me. It's the *second* item that is a private key.
What if you add these attributes to your connector:
keyAlias="root"
?
If that doesn't work, try using a tool like Portecle to try to adjust
some things (like the "aliases"). It's much better and safer than
using keytool IMO. Remember ALWAYS KEEP A BACKUP!
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBCAAGBQJXds3aAAoJEBzwKT+lPKRYioQQAIJXjzniDRnW2U9+W0d/x7M5
/6nBHRw42COjvmHMUC5fY0lQR0rESHYC3yDhkmuutpeYNJyLO/TWLYZUGnEHf7US
7S+2IcYM19AEbDnp8qvE4pMOshJwf7eRic7lBr1OfJ50CKjdzvv2EiSFwO8tdY+6
eYODI+ZBvC7/lUFZ/H9cGlxx2kQHcuzWoE2+9I5DRxzIPP04nN8sfKXHoEiPH97j
d4dQMBpbNC87P6HlcGxpoxcoCfYPpHLMae5PXdSLHnyvU6YKGCUkm5bRE4ieC9F1
ZjFIH+rJZW61wJw64PXOvMm9k6zFL2R5CIsEg3OdZa6Injh951nH3H5GEF7xvJHy
Z1heq6NmuwzHkYT0/vI4S141tscEziNqsTw2kMyV9+QFEHp1u3zin62gIoDXFaHf
jG33c1cWfl4zkWhzWeZcmEN/n6Z+N0x/RZpRugoRy0heero8VF5lgKnjn/7kHuLm
BCZgA5KrsNSYcnQCeDPqTVeKoUXmF0e92xsCAKRjYjBsSUo8Uc0rlu2GaJhYYQma
rIMKli4f5KVAd3vzj4DE8EdmLxNDfgHvftGVMbTViCMlhwwZqI8NA6wGhA+JCVeH
H29sXNh5D5txBfwz10UvEC9iGFRBWZ1jZfrSdEbb4Ra8acrrC+Er6bwgjB8MMAnX
QpMck2thv/QiUCIr7gIb
=LOtb
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
