Alexsk Lau

Greenhorn
since Jun 07, 2018

Recent posts by Alexsk Lau

Hi Tim,

Thanks for the reply. I think it lies in the alias: Tomcat only wants it to be "tomcat". I tested this with a self-signed certificate and used the same alias in my CSR. Restarting Tomcat resulted in the same error. I then created another self-signed certificate using tomcat as the alias; this time the server started up with no problem and I can access my app using SSL (of course with a security warning because of the self-signed certificate).

Does anyone know if I can change this behavior? I am using AWS Amazon Linux.

Thanks,
1 year ago
I had also tried to combine my cert and the root cert into one file and import it into the keystore, but I still got the same error.
I tried to view the keystore with: keytool -list -v -keystore mykeystore.jks and the alias name that I used was there:

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 1 entry

Alias name: myalias
Creation date: 8-Jun-2018
Entry type: trustedCertEntry

Owner: CN=mysundomainca
Issuer: CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US



1 year ago
Hi,

I have searched multiple sources and tried multiple solutions but cannot make my Tomcat take my trusted certificates:

I purchased an SSL certificate from my ISP provider, which was issued by DigiCert. I am having trouble making my Tomcat, deployed on AWS Linux, accept it. Here are the details of the procedure that I think should work.

I have created my keystore (JKS format) and a signing request using keytool. After getting the certificate for my domain and the root certificate, I ran the following commands:

keytool -import -alias root -file rootca.crt -keystore mkeystore.jks
keytool -import -alias myalias -file mysubdomain.pem -keystore mykeystore.jks

In server.xml, I have the following entry:
<Connector SSLEnabled="true" clientAuth="false" keystoreFile="conf/mykeystore.jks" keystorePass="mypassword" keyAlias="myalias"  maxThreads="150" port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" scheme="https" secure="true" sslProtocol="TLS"/>

After I restart Tomcat, I get the following error:

Caused by: java.lang.IllegalArgumentException: Alias name [myalias] does not identify a key entry
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:116)

Any help is appreciated!

Thanks,






1 year ago
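
Added example (not part of the original posts and not Tomcat's own code): a Connector's keyAlias has to name a keystore entry that holds a private key, and the keytool listing quoted above shows myalias as a trustedCertEntry. The Python check below compares each TLS Connector's keyAlias with `keytool -list -v` output; the sample listing, the "tomcat" key entry and the server.xml wrapper are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample shaped like `keytool -list -v` output: "myalias" mirrors the
# listing in the post; the "tomcat" key entry is an assumption added for contrast.
KEYTOOL_LISTING = """\
Alias name: myalias
Creation date: 8-Jun-2018
Entry type: trustedCertEntry

Alias name: tomcat
Creation date: 8-Jun-2018
Entry type: PrivateKeyEntry
Certificate chain length: 1
"""

# Constructed server.xml fragment using Connector attributes from the post.
SERVER_XML = """\
<Server><Service name="Catalina">
  <Connector SSLEnabled="true" port="8443" scheme="https" secure="true"
             keystoreFile="conf/mykeystore.jks" keyAlias="myalias"/>
</Service></Server>
"""

def parse_entries(listing):
    """Map alias -> entry type from `keytool -list -v` text."""
    entries, alias = {}, None
    for line in listing.splitlines():
        if m := re.match(r"\s*Alias name:\s*(.+?)\s*$", line):
            alias = m.group(1).lower()   # JKS aliases are case-insensitive
        elif alias and (m := re.match(r"\s*Entry type:\s*(\S+)", line)):
            entries[alias] = m.group(1)
    return entries

def check_key_aliases(server_xml, listing):
    """Return (keyAlias, verdict) for every TLS-enabled Connector."""
    entries = parse_entries(listing)
    results = []
    for conn in ET.fromstring(server_xml).iter("Connector"):
        alias = conn.get("keyAlias")
        if conn.get("SSLEnabled", "").lower() != "true" or alias is None:
            continue
        kind = entries.get(alias.lower())
        if kind is None:
            verdict = "alias not in keystore"
        elif kind != "PrivateKeyEntry":
            verdict = f"{kind}: certificate only, no private key"
        else:
            verdict = "ok"
        results.append((alias, verdict))
    return results

if __name__ == "__main__":
    for alias, verdict in check_key_aliases(SERVER_XML, KEYTOOL_LISTING):
        print(f"keyAlias={alias}: {verdict}")
```

A CA-issued certificate imported under the alias that was used to generate the key pair is listed as a PrivateKeyEntry; imported under any other alias it becomes a separate trustedCertEntry.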