Martin, I would be going from JDK version 1.4 to 1.5 or later. So it sounds like I will have to generate a CSR for the new JDK version and I will have to involve my CA by reissueing the cert. I am thinking correctly? So there is no way to reuse the keystore with the new JDK version?
Thanks for the reply? Will -----Original Message----- From: Martin Gainty [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 20, 2007 8:45 AM To: [EMAIL PROTECTED] Cc: Tomcat Users List Subject: Re: Importing an existing SSL cert into a newer JDK version Hi Will- Generate private key $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA -keystore /path/to/domainname.kdb then Generate the CSR $JAVA_HOME/bin/keytool -certreq -alias tomcat -keystore /path/to/keystore.kdb -file filename.csr so if you change $JAVA_HOME say from JDK 1.3 to JDK 1.4 (which has JSSE integrated) then I would re-create the private-key and the csr Makes Sense? M- --------------------------------------------------------------------------- This e-mail message (including attachments, if any) is intended for the use of the individual or entity to which it is addressed and may contain information that is privileged, proprietary , confidential and exempt from disclosure. If you are not the intended recipient, you are notified that any dissemination, distribution or copying of this communication is strictly prohibited. --------------------------------------------------------------------------- Le présent message électronique (y compris les pièces qui y sont annexées, le cas échéant) s'adresse au destinataire indiqué et peut contenir des renseignements de caractère privé ou confidentiel. Si vous n'êtes pas le destinataire de ce document, nous vous signalons qu'il est strictement interdit de le diffuser, de le distribuer ou de le reproduire. ----- Original Message ----- From: "Will Holmes" <[EMAIL PROTECTED]> To: "'Tomcat Users List'" <users@tomcat.apache.org> Cc: <[EMAIL PROTECTED]> Sent: Tuesday, March 20, 2007 8:27 AM Subject: RE: Importing an existing SSL cert into a newer JDK version > Does the JDK version that created the keystore file have a tie on it? If > not all I would need to do is install the new JDK and change my Tomcat > environment variables to point to the new JDK. Am I correct? > > Thanks again!! > Will > > -----Original Message----- > From: Mark Thomas [mailto:[EMAIL PROTECTED] > Sent: Sunday, March 18, 2007 11:19 PM > To: Tomcat Users List > Subject: Re: Importing an existing SSL cert into a newer JDK version > > Will Holmes wrote: >> Mark, >> >> Do you know if I have to regenerate a CSR and do a reissue with our CA > or can I import the existing cert? > > As far as I know, the keystore files are the same format so you can > just re-use the file. There should be no need to go back to our CA. > > Mark > > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
