Thank you for the suggestion. could you pl share your connection configuration? also, if no explicit truststore is set in the configuration,would the SSL connector not fall back to JRE truststore which is $JAVA_HOME/jre/lib/security/cacerts ?
Also, did you install the private key andthe identity cert in keystoreFile and the CA cert chain in truststorefile? many thanks! /U dockeryjavaman wrote: > > i had to install my ca root certs in a keystore specificed/referenced by > the "truststorefile" parameter > NOT the keystorefile parm > > > > ________________________________ > From: /U <uma...@comcast.net> > To: users@tomcat.apache.org > Sent: Sat, April 10, 2010 10:07:47 AM > Subject: Re: Installing certificate chain on Tomat > > > hello Pid, > > am i right in assuming that the identity certificate+private key is > installed > in keystoreFile of the SSL connector (C:\keystore below) and the CA > certificate chain is installed in jre/lib/security/cacerts? > > <Connector port="443" > protocol="HTTP/1.1" SSLEnabled="true" > maxThreads="150" scheme="https" secure="true" > clientAuth="false" sslProtocol="TLS" > keystoreFile="C:\keystore" keystorePass="changeit" > /> > > > any assistance appreciated, > > /U > > > -----Original Message----- >> From: "/U" [uma...@comcast.net] >> Date: 04/10/2010 12:02 AM >> To: users@tomcat.apache.org >> Subject: Re: Installing certificate chain on Tomat >> >> Note: Original message sent as attachment >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> > > > > -- > > -- > pidster.com > > > > -- > View this message in context: > http://old.nabble.com/Installing-certificate-chain-on-Tomat-tp28199836p28202227.html > Sent from the Tomcat - User mailing list archive at Nabble.com. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > -- View this message in context: http://old.nabble.com/Installing-certificate-chain-on-Tomat-tp28199836p28203076.html Sent from the Tomcat - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org