Re: SSL certificates

2014-01-17 Thread Ognjen Blagojevic
On 17.1.2014 19:14, James H. H. Lampert wrote: At this point, if you haven't already done so, I would strongly suggest getting your CA's tech support in on this. +1 Reserved IP addresses and internal server names are not unique on the Internet, so the certificates for them may be reused in di

Cannot connect from outside using Tomcat 7/APR/SSL on AWS Windows system

2014-01-17 Thread Jeffrey Janner
OK Guys, I've got a really strange one here. I'm trying to upgrade an existing configuration that is working fine under Tomcat 6. The existing setup is: Amazon Web Services instance (VPC with NAT) Windows Server 2008 R2 Datacenter Java JDK1.6.0_43

Re: SSL certificates

2014-01-17 Thread James H. H. Lampert
At this point, if you haven't already done so, I would strongly suggest getting your CA's tech support in on this. Of course, your latest posts also beg the question of why you would be spending good money on a signed SSL certificate for an internal web site, or why you'd be using an internal

Re: SSL certificates

2014-01-17 Thread Miten Mehta
Hi Ognjen, Reading the pdf link you provided it seems that I should use ip based certificates and for each different ip which needs certificate I will have to request one. I should use -ext san=ip:$ip instead of -ext san=dns:$host. Then CA will not drop the details. Regards, Miten. On Fri, J

Re: SSL certificates

2014-01-17 Thread Miten Mehta
If I remove internal /etc/hosts lookup entry should it resolve or you mean CA just dropped subjectAltName even though I included. - miten On Jan 17, 2014 7:31 PM, "Ognjen Blagojevic" wrote: > Miten, > > On 17.1.2014 14:33, Miten Mehta wrote: > >> The catalina.out complains with SSL handshake sta

Re: SSL certificates

2014-01-17 Thread Miten Mehta
What's the alternative to using subjectAltName? I thought it was flexible to make certificate portable across our development environments. Should I use IP (internal instead)? - Miten. On Jan 17, 2014 7:31 PM, "Ognjen Blagojevic" wrote: > Miten, > > On 17.1.2014 14:33, Miten Mehta wrote: > >> Th

Re: Oracle Application Server 10g R3 works fine with RK-1048 codepage but Tomcat 7.0.47 does not.

2014-01-17 Thread Тимур Кулибаев
Hello, Chris! Thank you for your correspondence with me. I misled you a lot in the following part: +++For Tomcat 7: lang="ru-RU", content="Oracle UIX", +++charset="UTF-8" type="text/css" Actually, charset="UTF-8" is applied only to link element: Servlet source code does not define contentT

[tomcat 7.0.50] java.lang.NoClassDefFoundError: org/apache/tomcat/util/descriptor/DigesterFactory

2014-01-17 Thread Marek Jagielski
Hi, I have simple REST application that I run locally using tomcat7-maven-plugin configured to use tomcat 7.0.47. Changing to version 7.0.50 causes an exception: Jan 17, 2014 3:01:30 PM org.apache.coyote.AbstractProtocol init INFO: Initializing ProtocolHandler ["http-bio-8080"] Jan 17, 2014 3:01:

Re: SSL certificates

2014-01-17 Thread Ognjen Blagojevic
Miten, On 17.1.2014 14:33, Miten Mehta wrote: The catalina.out complains with SSL handshake stating No Name matching mhoodws.ril.local found. For security reasons, CA shouldn't sign any certificate containing internal server name (either as CN, or subjectAltName): "As of July 1, 2012, all

Re: SSL certificates

2014-01-17 Thread Miten Mehta
Hi James, Thanks a lot. I followed your steps but it seems I am getting a different error, as if the signed certificate is not dns based. The original self signed certificate was able to work fine in dns based format for keytool when I imported it into client keystore. Below I created the self signed