I think what is happening in your case is that the SSL handshake fails,
not even sure if debug turned on would show it. (depending on what
connector you are running)
try removing the keyAlias (if you have it set) to let java decide on
what cert in the keystore to use
Filip
Werner Schalk wrote:
Hello,
interestingly it did not work for me in the end. Basically I can
import the certificate and the private key to rebuild
the original keystore using AgentBob's Java code. Fine. Then when
restarting Tomcat it does not complain anymore and everything appears
to be fine (Tomcat says something like "Server started" and no error
messages whatsoever). However when
connecting to the SSL-enabled site, there is no error message coming
up, but any browser (IE, Firefox, Konqueror)
fail to connect to the site saying that the certificate is invalid or
corrupted (although one can still imspect it in
the cert properties of the respective browser). Any ideas on how to
debug this problem? Tomcat appears to be
okay with the cert and the keystore but SSL is still not working?
@Christian: Did you have the same problem in the end or did it all
work for you?
Bye,
Werner
----- Original Message ----- From: "Filip Hanik - Dev Lists"
<[EMAIL PROTECTED]>
To: "Tomcat Users List" <users@tomcat.apache.org>
Sent: Friday, August 31, 2007 4:27 PM
Subject: Re: Problems with SSL-enabled Tomcat 5.5
you need the private key in order to run SSL, but you can import the
private key, so ask the folks from your company for the private key,
here is the info how you import it,
someone else posted it this week
http://www.agentbob.info/agentbob/79.html
Filip
bajistaman wrote:
I'm having the same problem. Some people from my company created the
Certificate Signing Request and the only thing that I've received
was an
email with the certificate, then I tried to install it and I had the
same
problems that Werner has. Do I have to do all over again from Tomcat
from
the private key, CSR, ...?
Thanks,
Johann
#Generate a private key
keytool -storepass changeit -genkey -alias tomcat -keyalg RSA
#Generate the Certificate Signing Request (CSR)
keytool -storepass changeit -certreq -alias tomcat -file name.csr
#Send the CSR to get a certificate
#Import the intermediate cert
keytool -storepass changeit -import -alias intermediateCA -trustcacerts
-file intermediateCA.cer
#Import the cert
keytool -storepass changeit -import -alias tomcat -trustcacerts -file
name.cer
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]