Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

2014-04-04 Thread Mark Murphy
Thanks everyone, this has been very informative.

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

2014-04-04 Thread Ognjen Blagojevic
Mark, On 4.4.2014 23:54, Mark Thomas wrote: The CA that signed your certificate might not be one of the root CAs trusted by the user agent. Most likely it is an intermediate CA. The root CA will have signed the intermediate CA's certificate and the intermediate CA will have signed your certifica

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

2014-04-04 Thread Ognjen Blagojevic
Mark, On 4.4.2014 23:00, Mark Murphy wrote: So let me try to understand what is going on here. I generate a keystore using keytool, that contains a key. At this point it is equal to a self signed certificate, and it works, but the browser complains that there is no CA. (Standard on this list i

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

2014-04-04 Thread Mark Thomas
On 04/04/2014 22:00, Mark Murphy wrote: > So let me try to understand what is going on here. I generate a keystore > using keytool, that contains a key. At this point it is equal to a self > signed certificate, and it works, but the browser complains that there is > no CA. I then need to create a c

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

2014-04-04 Thread Toby Lazar
Another option I normally use that may work for you (just confirmed it for myself with tomcat): 1. Copy your private key and signed public certificate in PEM format into a single file looking like this: -BEGIN RSA PRIVATE KEY- Proc-Type: 4,ENCRYPTED DEK-Info: DES-EDE3-CBC,F2CCC247E25D

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

2014-04-04 Thread Mark Murphy
Sorry for the dumb questions, I am new to SSL, and want to understand what I am doing, not just run these instructions, and it should work. On Fri, Apr 4, 2014 at 5:00 PM, Mark Murphy wrote: > So let me try to understand what is going on here. I generate a keystore > using keytool, that contain

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

2014-04-04 Thread Mark Murphy
So let me try to understand what is going on here. I generate a keystore using keytool, that contains a key. At this point it is equal to a self signed certificate, and it works, but the browser complains that there is no CA. I then need to create a certificate request ad send that off to goDaddy.

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

2014-04-04 Thread Daniel Mikusa
On Apr 4, 2014, at 4:42 PM, Mark Murphy wrote: > I saw something on StackOverflow that said the key type in the keystore > needs to be PrivateKeyEntry and not trustedCertEntry. Is this true? When I > look at my keystore, it is trustedCertEntry for all the certs. > > But when I look at the type

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

2014-04-04 Thread Mark Thomas
On 04/04/2014 21:42, Mark Murphy wrote: > I saw something on StackOverflow that said the key type in the keystore > needs to be PrivateKeyEntry and not trustedCertEntry. Is this true? When I > look at my keystore, it is trustedCertEntry for all the certs. > > But when I look at the type for the se

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

2014-04-04 Thread Daniel Mikusa
On Apr 4, 2014, at 4:34 PM, Mark Murphy wrote: > 1.5.0_15 Any chance you could try a more recent JVM? Java 6 or preferably Java 7. That’s really old. Dan > > On Fri, Apr 4, 2014 at 3:23 PM, Daniel Mikusa wrote: >> On Apr 4, 2014, at 2:52 PM, Mark Murphy wrote: >> >>> Created my keystore

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

2014-04-04 Thread Mark Murphy
I saw something on StackOverflow that said the key type in the keystore needs to be PrivateKeyEntry and not trustedCertEntry. Is this true? When I look at my keystore, it is trustedCertEntry for all the certs. But when I look at the type for the self signed certificate (which works), it shows keyE

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

2014-04-04 Thread Mark Murphy
1.5.0_15 On Fri, Apr 4, 2014 at 3:23 PM, Daniel Mikusa wrote: > On Apr 4, 2014, at 2:52 PM, Mark Murphy wrote: > >> Created my keystore according to the directions here: >> http://support.godaddy.com/help/article/5239/generating-a-csr-and-installing-an-ssl-certificate-in-tomcat-4x5x6x7x > > Ok.

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

2014-04-04 Thread Daniel Mikusa
On Apr 4, 2014, at 2:52 PM, Mark Murphy wrote: > Created my keystore according to the directions here: > http://support.godaddy.com/help/article/5239/generating-a-csr-and-installing-an-ssl-certificate-in-tomcat-4x5x6x7x Ok. Good start. > This is what I see in Chrome: > > SSL Connection Error

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

2014-04-04 Thread Mark Murphy
Created my keystore according to the directions here: http://support.godaddy.com/help/article/5239/generating-a-csr-and-installing-an-ssl-certificate-in-tomcat-4x5x6x7x This is what I see in Chrome: SSL Connection Error Unable to make a secure connection to the server. This may be a problem wit

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

2014-04-04 Thread Daniel Mikusa
On Apr 4, 2014, at 1:24 PM, Mark Murphy wrote: > I am trying to set up SSL on tomcat with a CA certificate from goDaddy. > > I am unable to load the Web Page using HTTPS. What exactly happens when you try to access it? Please include browser behavior and any errors / messages it gives you abo