If I switch the certificates in a sense I import the root as a primary and the primary as root, the system works fine on https but displays the usual certificate warning that the CA is not recognized... ------Original Message------ From: Ognjen Blagojevic To: Tomcat Users List ReplyTo: Tomcat Users List Subject: Re: Have a Problem Importing an SSL Certificate Sent: Nov 1, 2010 1:10 AM
Hi Marwan, > I'm spinning into circles importing the certificate into my system. We are > using a web based software that resides on tomcat. Here are the instructions > I have got from the vendor on how to import the SSL: Instructions seems correct. > I'm assuming the root certificate is the one that certifies the CA. I'm using > Equifax Secure eBusiness CA-1. > > I'm also assuming that the primary certificate is the one we purchased and is > issued to us and includes our FQDN. This is also correct. > After I apply the certificates, the system does not work. If I configure > tomcat to use HTTP and any custom port it works. I'm really going out of my > mind!!! After you calm down, please describe what "the system does not work" means? Are all certificates imported correctly? When you list your certificates (with "keytool -list -keystore mykeystore.jks") you should see several trusted key entries and one private key entry. Check if your server.xml config for HTTPS connector is pointing to right keystore file. Describe exactly what did you try and what error message do you get. Regards, Ognjen --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org **Sent from my BlackBerry®** Regards, Marwan Kandeel | IT Support Team Leader | Bupa Arabia PO Box 23807 Jeddah 21436 Saudi Arabia T: +966 920 000 456 Ext. 5119 | M: +966 501 941 099 Disclaimer: Internet communications are not secure and therefore Bupa does not accept legal responsibility for the contents of this message. Any views or opinions presented are solely those of the author and do not necessarily represent those of Bupa. The information in this email is intended only for the named recipient and may be privileged or confidential. If you are not the intended recipient please notify us immediately on +966 920 000456 and do not copy, distribute or take action based on this email. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org