Christopher and All, I am really sorry for not replying. I've coped with my problem before I went to holidays. Solution, which helped me to correctly install delivered certificate, it's key and CA chain, can be found under following URL: http://linuxadmin.com.pl/index.php/tomcat-and-ssl-certificates-small-how-to/ Christopher, thank you for your help. I hope, that this conversation will also help somebody else.
Best Regards -- Piotr Pawlowski On 29 June 2011 16:00, Christopher Schultz <ch...@christopherschultz.net>wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Piotr, > > On 6/29/2011 3:11 AM, Piotr Pawlowski wrote: > > My server.conf for ssl connector looks as follows: > > > > * <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" > > maxThreads="150" scheme="https" secure="true" > > clientAuth="false" sslProtocol="TLS" keyAlias="someAlias" > > keystoreFile="/etc/tomcat/ssl/keystoreFile" > > keystorePass="SomeSecretPassword" /> > > Okay. Are you using APR or not? > > > All files connected with SSL , including key store file, are located in * > > /etc/tomcat/ssl/* directory. > > What is the output of the following command: > > $ keytool -list -keystore /etc/tomcat/ssl/keystoreFile > > You will need to import not only your own certificate and key, but also > the certs from your Certificate Authority (CA). > > > "sec_error_bad_signature" is visible when I enter website from web > browser > > (FireFox). > > Are there any messages in the log file during startup and/or when you > try to make a request? > > - -chris > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.10 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAk4LMAcACgkQ9CaO5/Lv0PDmxwCdFFWVWXspT74UbfLw0j6p5r3u > 7CUAoI5Gt8aJQEhcSiEcbN193CSpkvCW > =LeMr > -----END PGP SIGNATURE----- > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
