On 04/10/2010 12:01 AM, /U wrote:
i am installing certificate chain on tomcat 6.x (JRE 1.6). From my CA I have
private key (PEM),
identity cert (PEM) (CA X trusts myhost)
and a cert chain file (PEM file) (entrust trusts CA X)
The cert chain is: (entrust) === trusts ==> (CA X) == trusts ==> myhost
I have converted the private key and identify cert into DER form
and have imported into /etc/keystore (tomcat's keystore).
I have imported the certificate chain PEM file into
${JAVA_HOME}/jre/lib/security/cacerts.
when I login to tomcat i get warning that certificate
myhost isused by CA X is not trrusted.
It seems like browser does not get full cert chain (entrust => CA X =>
myhost).
what could I be doing wrong? pl help.
Regs,
/U
Hello,
You may want to take a look at Comodo's documentation for Tomcat.
https://support.comodo.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=1204
It shows how to easily install a trusted certificate for use with Tomcat
(and most Java based Web Servers). I've used this documentation quite a
few times and it has always been spot on.
You may want to view the contents of the keystore: keytool -v -list
-keystore KEYSTORE_FILE; to see what is missing. Tomcat should have the
Intermediate Cert(s) and the Entity/Domain Cert inside the keystore.
Hope this helps!
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
