Scenario: I created a self-signed certificate for the box I was testing: CN = James Lampert OU = Development Lab O = Touchtone Corporation L = Costa Mesa ST = California C = US
I then installed it into the Tomcat server on that box. Connecting to the site with Firefox, I was told that the certificate was not trusted, and asked whether to trust it. After I said to trust it, Firefox now lets me in without further question.
Then, I temporarily installed the certificate on a customer's Tomcat server, just to verify that SSL support was working there. When I connected to it with Firefox, the initial message questioning the validity of the certificate said something about it being for a different server (so far as I'm aware, it isn't for *any* particular server).
Looking at the two Tomcat servers in Microsloth Imploder, even after telling it to trust the certificate, I consistently get a message, "The security certificate presented by this website was issued for a different website's address."
Looking at the two Tomcat servers in a different version of Firefox, on a different WinDoze box, both Tomcat servers give me the message, that it is not trusted because it is self-signed, and that it is only valid for James Lampert.
What exactly do I need to do, for a certificate to be recognized as the correct one for a given server?
Also: we have a CA-signed certificate that we use to sign JARs. Is that the same sort of certificate used for Tomcat?
-- JHHL --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
