Sean,
On 5.7.2016 17:14, Sean Son wrote:
Hello Daniel and all
Here is the output.. the full output
http://pastebin.com/AQckw6ig
Keytool output indicates that there are two entries in keystore:
1. Entry with alias "root", created Jun 16, 2016, which is intermediate
certificate for Go Daddy:
Owner: CN=Go Daddy Secure Certificate Authority - G2 ...
Issuer: CN=Go Daddy Root Certificate Authority - G2 ...
This is "trustedCertEntry", which means that it does not contain a
private key, and therefore may not be used for encryption necessary for
TLS / HTTPS communication.
2. Entry with alias "{b81d8607-57e9-4c35-a058-cd46099e7797}", created
Jun 16, 2016. This is certificate for domain example.com, signed by Go
Daddy:
Owner: CN=*.example.com, OU=Domain Control Validated
Issuer: CN=Go Daddy Secure Certificate Authority - G2, ...
This is PrivateKeyEntry which means that it contains private and public
key pair, and since owner is different from issuer it means it also
contains associated certificate. This entry may be used to encrypt data
for TLS / HTTPS communication.
Therefore, you must point Tomcat to use second entry from your keystore.
Try adding keyAlias="{b81d8607-57e9-4c35-a058-cd46099e7797}" to your
connector configuration.
-Ognjen
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org