File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Tomcat and the fly likes ssl configuration in tomcat Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "ssl configuration in tomcat" Watch "ssl configuration in tomcat" New topic

ssl configuration in tomcat

Muhammad Imad Qureshi
Ranch Hand

Joined: Sep 13, 2005
Posts: 238

I have configured server.xml to point to my keystore.

I first created my keystore and then created a certificate signing request that I submitted to CA. they sent me a certificate that I imported in my keystore. My keystore also contains a self signed certificate that was automatically created when i created the keystore. now when i start the server and launch the browser it shows me the self signed cert and not the certificate from CA. Why do you think it is. can someone please tell me? its been weeks now i havent been able to solve this problem.

Thanks a lot.
Muhammad Imad Qureshi
Ranch Hand

Joined: Sep 13, 2005
Posts: 238
I found the solution. Problem was that verisign's root certificate was not added in my trusted store (cacerts). So I added that using the following command

keytool -import -alias root -file root.cer -keystore "c:/program files/java/jdk1.5.0_05/jre/lib/security/cacerts" -storepass changeit

the quotation marks are there in the file.

and then I imported the certificate reply from verisign using the same alias that I used to create the key

keytool -import -alias tomcat -file versign.cer -keypass 123456 -trustcacerts -keystore server.keystore

Then it installed the reply in my keystore.
Thats it.
I agree. Here's the link:
subject: ssl configuration in tomcat
It's not a secret anymore!