On 17/11/2011 15:26, rosiere wrote: > > Hello, > > Thanks for your suggestions. > I displayd my keystore file with keytool: > keytool -list -v -keystore $myKeystoreFile > keystoreManifest.txt > > > There are 4 entries in my keystore file. > But only one entry contains a field named "Certificate chain length". > > The other 3 entries, as certificates from our CA, contain a field > "Certificate fingerprint" > (or "Empreinte du certificat" in French because my Linux distribution that > supports my JDK and Tomcat was installed in French) > > # intermediate certificate > alias: inter > entry type: trustedCertEntry > issuer: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US > > # root certificate > alias: root > entry type: trustedCertEntr > issuer: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US > > > # our private key > alias : tomcat > entry type: {0} //this is exactly what I see on the prompt, not a variable > of my own writing. > certificate chain length: 1 > issuer: $ourDN > > > alias : $myAlias > entry type: trustedCertEntry > issuer: CN=RapidSSL CA, O="GeoTrust, Inc.", C=US > > > My colleagues concluded that all the necessary certificates were imported, > but none was actually used by Tomcat.
Wrong. When you imported your new certificate, you should have specified "tomcat" as the alias rather than "$myAlias". I suggest you take some backups of your key stores in case you mess things up and then try again. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org