Bill,
On 9/22/23 13:25, Bill wrote:
Hello All,
I may have started my SSL Cert install & config at step 2 instead of
step 1... :-(
Most mistakes are recoverable :)
Basically I have created my key store, my p12 file and have my cert all in
a sub directory of the conf directory.
Al
Hello All,
I may have started my SSL Cert install & config at step 2 instead of
step 1... :-(
Basically I have created my key store, my p12 file and have my cert all in
a sub directory of the conf directory.
I have updated the server xml with my connectors per online directions.
Yet my
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Bruce,
On 12/18/14 5:28 PM, Bruce Kostival wrote:
> Tomcat 6.0.x Windows Server 2008 Running Java 7 Home grown app
> written in STS
>
> Running HTTPS with SHA1 cert Obtained SHA2 cert from GoDaddy by
> sending CSR generated from original keystore.
And how do I get the Private Key back? Its definitely not there.
From: Igor Cicimov
Sent: Thursday, December 18, 2014 17:52
To: Tomcat Users List
Subject: Re: GoDaddy SSL cert update from SHA1 to SHA2
On Fri, Dec 19, 2014 at 9:56 AM, Bruce Kostival
s List
> Subject: Re: GoDaddy SSL cert update from SHA1 to SHA2
>
> On Fri, Dec 19, 2014 at 9:28 AM, Bruce Kostival <
> bkosti...@universallumpers.com> wrote:
> >
> > Tomcat 6.0.x
> > Windows Server 2008
> > Running Java 7
> > Home grown app written in
Thanks Igor I'll poke around based on your input.
From: Igor Cicimov
Sent: Thursday, December 18, 2014 15:49
To: Tomcat Users List
Subject: Re: GoDaddy SSL cert update from SHA1 to SHA2
On Fri, Dec 19, 2014 at 9:28 AM, Bruce Kostival <
On Fri, Dec 19, 2014 at 9:28 AM, Bruce Kostival <
bkosti...@universallumpers.com> wrote:
>
> Tomcat 6.0.x
> Windows Server 2008
> Running Java 7
> Home grown app written in STS
>
> Running HTTPS with SHA1 cert
> Obtained SHA2 cert from GoDaddy by sending CSR generated from original
> keystore. Rem
Tomcat 6.0.x
Windows Server 2008
Running Java 7
Home grown app written in STS
Running HTTPS with SHA1 cert
Obtained SHA2 cert from GoDaddy by sending CSR generated from original
keystore. Removed existing aliases from original keystore and loaded new root
and domain cert to keystore.
Trying to
Martin,
On 4.1.2014 0:27, Martin Gainty wrote:
With JKS keystore you must keep private key and certificates in the same
keystore.
MG>Since A pfx that Verisign provides contains key and cert
MG>"Windows servers use .pfx files to contain the public key files (your SSL
Certificate files, provi
MG>Ongnjen
> Gene,
>
> On 3.1.2014 14:55, Gene Matthews wrote:
> > Thie symantec instructions say to ensure the alias for the ssl cert has an
> > Entry Type of PrivateKeyEntry. Mine DOES NOT. Instructions say if it does
> > not, to please import the certific
Gene,
On 3.1.2014 14:55, Gene Matthews wrote:
Thie symantec instructions say to ensure the alias for the ssl cert has an
Entry Type of PrivateKeyEntry. Mine DOES NOT. Instructions say if it does
not, to please import the certificate in the “Private Key” alias.
With JKS keystore you must
ry_inter.cer
keytool -import -trustcacerts -alias secondaryIntermediate -keystore
geneKeystore -file secondary_inter.cer
keystore didn’t exist prior to the first import above but it seemed top
create it ok and prompt for passwords.
- install the SSL cert from Symantec
key
On 14/02/2011 19:46, Sean Killeen wrote:
> It doesn't -- it tells me that a certificate already exists with that alias,
> and the import fails.
Hmm. Did you re-use the same private key for this updated certificate?
If that is the case then I think you can fix this with some java code
but it looks
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Sean,
On 2/15/2011 7:37 AM, Sean Killeen wrote:
> leaving the old intermediate CA & old certificate, I added the new
> intermediate CAs and the new certificate with an alias of "tomcat2". I added
> 'keyAlias="tomcat2"' to my connector to specify the n
Hi Sal,
Thanks for the response. I believe there was a bug or issue which caused us
to use TLSv1 instead of just "TLS" for the setting. At any rate, this
setting has not been an issue in the past, and I can verify that it
strictly enforces TLS (which is our requirement -- we don't want it to be
a
Hi Sean,
Have you tried to specify just "TLS" or "SSL" for the sslProtocol? You
presently have this set at "TLSv1", which I do not believe is valid.
http://tomcat.apache.org/tomcat-6.0-doc/config/http.html
--Sal
On 02/14/2011 02:46 PM, Sean Killeen wrote:
It doesn't -- it tells me that a c
It doesn't -- it tells me that a certificate already exists with that alias,
and the import fails.
--
Sean
On Mon, Feb 14, 2011 at 12:54 PM, Mark Thomas wrote:
> On 14/02/2011 14:03, Sean Killeen wrote:
> > The next step seems to throw tomcat off. I believe I need to replace the
> > "tomcat" a
On 14/02/2011 14:03, Sean Killeen wrote:
> The next step seems to throw tomcat off. I believe I need to replace the
> "tomcat" alias certificate. Barring a replace function in keytool (which I
> don't think exists, though I could be wrong), I think this means I have to
> delete the old "tomcat" cer
Hi all,
I'm hoping someone has run into this problem before.
I'm using VeriSign certs and have imported a certificate correctly before
using keytool. However, the certificate we were using expired, and we
obtained a replacement.
Importing the replacement appears to be more difficult.
Verisign's
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
George,
Please keep posts on the list for the benefit of others.
On 12/14/2010 5:23 PM, George Christiansen - PA wrote:
> If i do have the non-apr connector, and i need to confirm that, how
> would i remove the cert from the keystore?
Look at the h
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
George,
On 12/13/2010 8:15 PM, George Christiansen - PA wrote:
> I'm trying to remove an SSL cert from a Tomcat instance. Can I just
> comment/remove the certs from server.xml and maintain SSL without the
> cert?
If you are using
tra...@srs-management.de]
Sent: Tuesday, December 14, 2010 4:06 AM
To: Tomcat Users List
Subject: Re: SSL Cert
I do not understand the question, how do you want to use SSL without a cert?
Am 14.12.2010 um 02:15 schrieb George Christiansen - PA:
> Hello,
>
> I'm trying to remove an SSL cer
Am Mon, 13 Dec 2010 20:15:55 -0500
schrieb George Christiansen - PA :
> I'm trying to remove an SSL cert from a Tomcat instance. Can I just
> comment/remove the certs from server.xml and maintain SSL without the
> cert?
You can create a self-signed SSL-certificate instead.
Re
I do not understand the question, how do you want to use SSL without a cert?
Am 14.12.2010 um 02:15 schrieb George Christiansen - PA:
> Hello,
>
> I'm trying to remove an SSL cert from a Tomcat instance. Can I just
> comment/remove the certs from server.xml and maintain SSL
Hello,
I'm trying to remove an SSL cert from a Tomcat instance. Can I just
comment/remove the certs from server.xml and maintain SSL without the cert?
Thanks,
George
-
To unsubscribe, e-mail: users-uns
> How do I know for certain that I didn't import into the Java
> installation's system-wide
> Keystore? I used the keytool command below to import the cert. I
don't
> believe I imported my cert into the system-wide keystore but I am not
100%
> certain.
>
> keytool -import -alias tomcat -trust
t -alias tomcat -trustcacerts -file mythawtecert.txt
-keystore [keystorename]
Thanks!!
Will
-Original Message-
From: Christopher Schultz [mailto:[EMAIL PROTECTED]
Sent: Tuesday, March 20, 2007 9:27 AM
To: Tomcat Users List
Cc: 'Martin Gainty'
Subject: Re: Importing an existing SSL cert
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Will,
Will Holmes wrote:
> I would be going from JDK version 1.4 to 1.5 or later. So it sounds like
> I will have to generate a CSR for the new JDK version and I will have to
> involve my CA by reissueing the cert. I am thinking correctly? So there
for the reply?
Will
-Original Message-
From: Martin Gainty [mailto:[EMAIL PROTECTED]
Sent: Tuesday, March 20, 2007 8:45 AM
To: [EMAIL PROTECTED]
Cc: Tomcat Users List
Subject: Re: Importing an existing SSL cert into a newer JDK version
Hi Will-
Generate private key
$JAVA_HOME/bin
m I correct?
>
> Thanks again!!
> Will
>
> -Original Message-
> From: Mark Thomas [mailto:[EMAIL PROTECTED]
> Sent: Sunday, March 18, 2007 11:19 PM
> To: Tomcat Users List
> Subject: Re: Importing an existing SSL cert into a newer JDK version
>
> Will Holmes w
]
Sent: Sunday, March 18, 2007 11:19 PM
To: Tomcat Users List
Subject: Re: Importing an existing SSL cert into a newer JDK version
Will Holmes wrote:
> Mark,
>
> Do you know if I have to regenerate a CSR and do a reissue with our CA
or can I import the existing cert?
As far as I
Will Holmes wrote:
> Mark,
>
> Do you know if I have to regenerate a CSR and do a reissue with our CA or
> can I import the existing cert?
As far as I know, the keystore files are the same format so you can
just re-use the file. There should be no need to go back to our CA.
Mark
---
ar 2007 20:41:02 -0400
>Will & Kim Holmes wrote:
>> Hello all,
>>
>> I need to upgrade my JDK to a newer version but I have imported a SSL
>> cert on the current JDK version. Does anyone know how to import an
>> existing SSL cert into a newer JDK version?
>
&g
Will & Kim Holmes wrote:
> Hello all,
>
> I need to upgrade my JDK to a newer version but I have imported a SSL
> cert on the current JDK version. Does anyone know how to import an
> existing SSL cert into a newer JDK version?
The keystore should work with the newer versio
Hello all,
I need to upgrade my JDK to a newer version but I have imported a SSL
cert on the current JDK version. Does anyone know how to import an existing
SSL cert into a newer JDK version?
Thanks
Will
_
i'm mak
"Mike Korcynski" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
>I have Tomcat and Apache HTTP server running on the same machine. I
> have a key and certificate for the HTTP server set up and working
> properly. I have an application running in tomcat, I want to make the
> applica
I have Tomcat and Apache HTTP server running on the same machine. I
have a key and certificate for the HTTP server set up and working
properly. I have an application running in tomcat, I want to make the
application available directly via Tomcat using SSL and use the same
cert I'm already using f
37 matches
Mail list logo
