wood burning stoves 2.0*
The moose likes Tomcat and the fly likes SSL Help please Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "SSL Help please" Watch "SSL Help please" New topic
Author

SSL Help please

Dmitry Fedorovich
Greenhorn

Joined: Sep 06, 2010
Posts: 8
Hello guys.

I installed tomcat 5 and trying to config https.

I got .crt file and .key file (with private key).
I found out that it tomcat there are 2 ways of enabling ssl (JSSP (default), and ARP)
I created .keystore from .crt file and i think somehow i must add .key to that store (i generated file named .keystore)
If i use JSSP i post in server.xml setting like this

I got an error like


Please help me fix it or advice any different way to configurate ssl in tomcat.

Thank you.
Avneet Kaur
Greenhorn

Joined: Sep 08, 2010
Posts: 1
The steps you have performed seems correct:
1) generating a keystore file
2) enabling port 8443 at server.xml file

Try giving absolute path of your keystore file in server.xml
something like:
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
enableLookups="true"
keystoreFile="c:/tomcat.keystore" keystorePass="xyz"/>
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 15957
    
  19

Welcome to the JavaRanch, Dmitri!

You say you "created the keystore from the .crt file". I'm not sure I know what you did. What you needed to do was create the keystore file using the keytool application ("keytool -genkey") and then add the certificate to the keystore.

Customer surveys are for companies who didn't pay proper attention to begin with.
Dmitry Fedorovich
Greenhorn

Joined: Sep 06, 2010
Posts: 8
Tim Holloway wrote:Welcome to the JavaRanch, Dmitri!

You say you "created the keystore from the .crt file". I'm not sure I know what you did. What you needed to do was create the keystore file using the keytool application ("keytool -genkey") and then add the certificate to the keystore.


It`s just what i did...

After long painful trying i found a better solution. I just installed NGINX and use it as SSL proxy. The only thing i did is setup some config arguments and pathes to .key file and pem file (pem file is just a result of concatenation of .crt and .key files). Thank you very much anyway.
 
jQuery in Action, 2nd edition
 
subject: SSL Help please
 
Similar Threads
SSL configuration problem
[Update - Success] Adding SSL certificate to Server.xml
Tomcat SSL configuration issue - java.io.IOException: jsse.invalid_ssl_conf
another guy who can't get SSL working within Tomcat
import signed certificate into tomcat