Help coderanch get a
new server
by contributing to the fundraiser
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

ssl configuration in tomcat

 
Ranch Hand
Posts: 238
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi

I have configured server.xml to point to my keystore.

I first created my keystore and then created a certificate signing request that I submitted to CA. they sent me a certificate that I imported in my keystore. My keystore also contains a self signed certificate that was automatically created when i created the keystore. now when i start the server and launch the browser it shows me the self signed cert and not the certificate from CA. Why do you think it is. can someone please tell me? its been weeks now i havent been able to solve this problem.

Thanks a lot.
Imad
 
Muhammad Imad Qureshi
Ranch Hand
Posts: 238
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I found the solution. Problem was that verisign's root certificate was not added in my trusted store (cacerts). So I added that using the following command

keytool -import -alias root -file root.cer -keystore "c:/program files/java/jdk1.5.0_05/jre/lib/security/cacerts" -storepass changeit

the quotation marks are there in the file.

and then I imported the certificate reply from verisign using the same alias that I used to create the key

keytool -import -alias tomcat -file versign.cer -keypass 123456 -trustcacerts -keystore server.keystore

Then it installed the reply in my keystore.
Thats it.
 
A timing clock, fuse wire, high explosives and a tiny ad:
We need your help - Coderanch server fundraiser
https://coderanch.com/t/782867/Coderanch-server-fundraiser
reply
    Bookmark Topic Watch Topic
  • New Topic