Chris, "You need to have a key in your keystore with the alias "tomcat" as well. If you have been following http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration, you have either missed or misinterpreted a step."
I actually followed the document here: http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html because I am using Tomcat 6. I also did import the cert with the alias "tomcat" (see screenshot below). Is there an order in which to import the certs? I imported the server cert first, then the CA, then the root cert. "I would advise against using the same keystore for both the "keystore" and the "truststore". The trust store is only used for validating client certificates and, IMO, should be kept separate from the certificates you use for the web service itself." These config settings were in place long before I worked here... I was just copying the info from the old server.xml and adding in the new keystore info. If we do not Use any client certs can I remove the truststore line? Thanks, Justin ****************************************************************************** This email and any files transmitted with it are intended solely for the use of the individual or agency to whom they are addressed. If you have received this email in error please notify the Navy Exchange Service Command e-mail administrator. This footnote also confirms that this email message has been scanned for the presence of computer viruses. Thank You! ******************************************************************************